Last time I changes the slapd.conf to restrict anonymous user to see the userPassword attribute from 3rd party LDAP browser. However, our client still wants to encrypt/hash the password stored in LDAP because he says that he can user other users auth to the LDAP and then can see other users' password (e.g. he can see his boss's password).
Since we have the admin portal to change the user password as well, seems it can't restrict userpassword attribute by self read/write.
Also, we will use the password policy and restrict users to re-use the last 12 passwords.
So, my question is that is it possible to hash the password stored in openldap, also, the password stored in the password history is also hashed so that even other users can't see the password of others.
Confidential Communication - This e-mail (including any attachments) is confidential and may be legally privileged. If this e-mail has been sent to you by mistake please inform us by reply e-mail and then delete the e-mail, destroy any printed copy and do not disclose or use the information in it.