Hello Quanah,
thank you for your response. I read through the documentation and I verified that in the path "/usr/lib/ldap" under olcModulePath there are Argon2 files.
argon2-2.5.so.0 argon2-2.5.so.0.1.9 argon2.la argon2.so
Further there is already a module loaded "{0}back_mdb". Sadly I always get an error when trying to add the Argon2-Module "[LDAP result code 80 - other] cannot delete olcModuleLoad"
I list the things I tried setting as a new value in olcModuleLoad
Each from the list above Each from the list above with {1} in the beginning Each from the list above with {} and {0}
I do not understand why this is happening as I am not trying to delete any module, I try to set a new value in addition to back_mdb. I checked, that this is also happening with any other module in the Path.
Many kind regards, Lukas
Am 14.04.2023 um 20:08 schrieb Quanah Gibson-Mount:
--On Thursday, April 13, 2023 9:05 PM +0000 Lukas Adrian Kron lukaskron@posteo.de wrote:
Hi dear,
I was able to find out the Version. On Ubuntu 20.04 2.4.49+dfsg-2ubuntu1.9 Which is the newest avaliable through apt-tools. As Argon-2 was not installed there I launched a new testing environment on Ubuntu 22.04 with Version
/usr/sbin/slapd -VV @(#) $OpenLDAP: slapd 2.5.14+dfsg-0ubuntu0.22.04.2 (Mar 12 2023 17:11:53) $ Ubuntu Developers ubuntu-devel-discuss@lists.ubuntu.com
Which also is the newest version I am able to install on this Ubuntu-V. Even though it should work in theory when I try to set {ARGON2} or {PBKDF2} in olcDatabase={-1}frontend or any other cn=config with olcPasswordHash I get LDAP result code 80 - other<olcPasswordHash> no valid hashes found.
Besides that this is now a clean installation with no further configuration.
Ubuntu builds those extensions as modules. If you haven't loaded them in your configuration, you can't use them. Please read the documentation:
Specifically the portion on "Dynamic Module Options"
I also advise reading https://www.openldap.org/software/man.cgi?query=slappw-argon2&apropos=0&sektion=5&manpath=OpenLDAP+2.5-Release&arch=default&format=html to see how to use it with command line utilities such as slappasswd.
--Quanah