Re: OpenLDAP storing password in SSHA

11 Jun 2015


      Hi,
On Thu, 11 Jun 2015, parakrama55 . wrote:
...
Hi Guys
Im adding users data to the ldap from external program or client ,  There
im sending UserPasswrd in clear  text .
So Is there any configuration directive in opendap where we can force
openldap to store receiving clear text password in   SSHA format .
use the ppolicy overlay and the ppolicy_hash_cleartext feature.
man slapo-ppolicy
ppolicy_hash_cleartext
               Specify  that  cleartext  passwords  present  in  Add and Modify
               requests should be hashed before being stored in  the  database.
               This  violates  the  X.500/LDAP  information  model,  but may be
               needed to compensate for LDAP clients that don't use  the  Pass-
               word  Modify extended operation to manage passwords.  It is rec-
               ommended that when this option is used that compare, search, and
               read access be denied to all directory users.
Greetings
Christian
...
Please advice
Thank You
Dhanushka
-- 
Christian Kratzer                   CK Software GmbH
Email:   ck@cksoft.de               Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0       D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9       HRB 245288, Amtsgericht Stuttgart
Mobile:  +49 171 1947 843           Geschaeftsfuehrer: Christian Kratzer
Web:     http://www.cksoft.de/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: OpenLDAP storing password in SSHA