Re: Userpasswords stored in plain text
Am Wed, 6 Mar 2013 09:58:40 +0000
schrieb arantza serrano <zazu2276(a)hotmail.com>:
Hello,
I need that the userpasswords are stored hashed. I have configured
the slapd.conf file with this option:
password-hash {SSHA}
But when I add users with ldapadd command, I pass the values of
userpassword in plain text. Like this:
/opt/openldap/bin/ldapadd -x -D "root_dn" -w pass_dn << _EOF
dn: uid=usu3,ou=users,o=my_organization
uid: usu2
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetorgperson
cn: my_cn
sn: my_sn
mail: my_mail(a)mydomain.com
userPassword: usuario
_EOF
[...]
If you add a new entry, create the password hash by mean of
slappasswd(8), if you want to modify a user password, use ldappasswd(1).
-Dieter
--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E