Hello,

Playing with 2.6 on rhel8

When imported my data.ldif I noticed i no longer could bind and my credentials would fail. Thought it was simply my account and tried with other test accounts and failed too.

When i compare the userPassword attributes from the source to my 2.6 environment, i see there are two extra characters at the end.

So original looks like: (and whats in data.ldif file)

userPassword:: e2Nblablasuperdupper512hashthatendshere

vs the one in 2.6

userPassword:: e2Nblablasuperdupper512hashthatendshereXX

This happens on all the userPassword attributes that are SHA512. The XX characters seem random, no pattern to it. In other words each userPassword attribute has its own XX characters. 

Interesting, i dont see this issue with accounts that still have SHA1 hash. They are identical. 

I dont recall if i saw this on 2.5 but I’ll update on that.

Thank you,
Dave