Hi,

I am a newbie to LDAP and I am having an issue. I have to work with MD5 authentication, as the application we are going to use has to bind to an LDAP server with a password generated using MD5. I am not able to authenticate with a password generated using the perl script or using the md5 executable. But if I generate the passwords using slappasswd and MD5, I am fine. Can somebody please explain what I am doing wrong and how I can authenticate using a perl or md5 exe generated password? Any help is greatly appreciated.

Passwords generated using this perl script, for example MD5 for hello:

perl -e 'use Digest::MD5 qw(md5_hex);print uc(md5_hex("hello"))."\n";'
5D41402ABC4B2A76B9719D911017C592

Using slappasswd:

./slappasswd -h {MD5} -s hello
{MD5}XUFAKrxLKna5cZ2REBfFkg==

My LDIF file: user MD5A is assigned the perl or md5 exe generated MD5 password, and user MD5B is assigned the slappasswd generated MD5 password.

dn: cn=MD5A, ou=hr, o=test
objectClass: top
objectClass: person
objectClass: organizationalPerson
cn: MD5A
sn: MD5A
userpassword: {MD5}5D41402ABC4B2A76B9719D911017C592
title: admin

dn: cn=MD5B, ou=hr, o=test
objectClass: top
objectClass: person
objectClass: organizationalPerson
cn: MD5B
sn: MD5B
userpassword: {MD5}XUFAKrxLKna5cZ2REBfFkg==
title: admin

Import LDIF:

# /usr/local/bin/ldapadd -x -W -D "cn=admin" -f users.ldif
Enter LDAP Password:
adding new entry "o=test"
adding new entry "ou=hr,o=test"
adding new entry "cn=MD5A, ou=hr, o=test"
adding new entry "cn=MD5B, ou=hr, o=test"

ldapsearch fails for MD5A with error 49, and for MD5B it works fine.

# /usr/local/bin/ldapsearch -x -w hello -D "cn=MD5A, ou=hr, o=test"
ldap_bind: Invalid credentials (49)

# /usr/local/bin/ldapsearch -x -w hello -D "cn=MD5B, ou=hr, o=test"
# extended LDIF
#
# LDAPv3
# base <> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# test
dn: o=test
objectClass: top
objectClass: organization
o: test

# hr, test
dn: ou=hr,o=test
objectClass: top
objectClass: organizationalUnit
ou: asqmatrix
ou: hr

# MD5A, hr, test
dn: cn=MD5A,ou=hr,o=test
objectClass: top
objectClass: person
objectClass: organizationalPerson
cn: MD5A
sn: MD5A
userPassword:: e01ENX01RDQxNDAyQUJDNEIyQTc2Qjk3MTlEOTExMDE3QzU5Mg==
title: admin

# MD5B, hr, test
dn: cn=MD5B,ou=hr,o=test
objectClass: top
objectClass: person
objectClass: organizationalPerson
cn: MD5B
sn: MD5B
userPassword:: e01ENX1YVUZBS3J4TEtuYTVjWjJSRUJmRmtnPT0=
title: admin

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4

Thanks, SK
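
Added example, not part of the original post: the two values above differ only in encoding. The slappasswd value is the base64 of the raw 16-byte MD5 digest, while md5_hex prints the same digest as 32 hex characters. The Python sketch below (function names are hypothetical, chosen for this example) builds the {MD5} form, converts an existing hex digest to it, and classifies a stored userPassword value.

```python
import base64
import binascii
import hashlib
import hmac

PREFIX = "{MD5}"

def ldap_md5(password: str) -> str:
    """Build a {MD5} userPassword value: base64 of the raw 16-byte digest."""
    digest = hashlib.md5(password.encode("utf-8")).digest()
    return PREFIX + base64.b64encode(digest).decode("ascii")

def hex_to_ldap_md5(hex_digest: str) -> str:
    """Convert md5_hex / md5 exe output (32 hex chars, any case) to {MD5} form."""
    raw = bytes.fromhex(hex_digest.strip())  # ValueError on non-hex input
    if len(raw) != 16:
        raise ValueError("an MD5 digest is 16 bytes (32 hex characters)")
    return PREFIX + base64.b64encode(raw).decode("ascii")

def check_stored(stored: str, password: str) -> str:
    """Classify a stored userPassword value against a cleartext password."""
    if not stored.upper().startswith(PREFIX):
        return "not-md5-scheme"
    body = stored[len(PREFIX):]
    try:
        raw = base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError):
        return "not-base64"
    if len(raw) != 16:
        # A 32-character hex string is also syntactically valid base64,
        # but it decodes to 24 bytes, which cannot be an MD5 digest.
        return "wrong-length"
    expected = hashlib.md5(password.encode("utf-8")).digest()
    # Constant-time comparison of the decoded digest with the expected one.
    return "match" if hmac.compare_digest(raw, expected) else "mismatch"

if __name__ == "__main__":
    # Values taken from the post above.
    md5a = "{MD5}5D41402ABC4B2A76B9719D911017C592"
    md5b = "{MD5}XUFAKrxLKna5cZ2REBfFkg=="
    print("MD5A:", check_stored(md5a, "hello"))
    print("MD5B:", check_stored(md5b, "hello"))
    print("MD5A converted:", hex_to_ldap_md5(md5a[len(PREFIX):]))
```

In Perl, Digest::MD5 also exports md5_base64, which returns the same base64 text without the trailing "==" padding, so the padding has to be appended to match the slappasswd form.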