Hello Quanah,

thank you for your response.
I read through the documentation and I verified that in the path "/usr/lib/ldap" under olcModulePath there are Argon2 files.

argon2-2.5.so.0        
argon2-2.5.so.0.1.9
argon2.la
argon2.so 

Further there is already a module loaded "{0}back_mdb".
Sadly I always get an error when trying to add the Argon2-Module "[LDAP result code 80 - other] cannot delete olcModuleLoad"

I list the things I tried setting as a new value in olcModuleLoad

Each from the list above
Each from the list above with {1} in the beginning
Each from the list above with {} and {0}

I do not understand why this is happening as I am not trying to delete any module, I try to set a new value in addition to back_mdb. I checked, that this is also happening with any other module in the Path.

Many kind regards,
Lukas

Am 14.04.2023 um 20:08 schrieb Quanah Gibson-Mount:


--On Thursday, April 13, 2023 9:05 PM +0000 Lukas Adrian Kron <lukaskron@posteo.de> wrote:


Hi dear,

I was able to find out the Version. On Ubuntu 20.04 2.4.49+dfsg-2ubuntu1.9
 Which is the newest avaliable through apt-tools. As Argon-2 was not
installed there I launched a new testing environment on Ubuntu 22.04 with
Version

/usr/sbin/slapd -VV
 @(#) $OpenLDAP: slapd 2.5.14+dfsg-0ubuntu0.22.04.2 (Mar 12 2023
17:11:53) $
         Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>


Which also is the newest version I am able to install on this Ubuntu-V.
 Even though it should work in theory when I try to set {ARGON2} or
{PBKDF2} in olcDatabase={-1}frontend or any other cn=config with
olcPasswordHash I get LDAP result code 80 - other<olcPasswordHash> no
valid hashes found.

Besides that this is now a clean installation with no further
configuration.


Ubuntu builds those extensions as modules.  If you haven't loaded them in your configuration, you can't use them.  Please read the documentation:

<https://www.openldap.org/software/man.cgi?query=slapd-config&apropos=0&sektion=0&manpath=OpenLDAP+2.5-Release&arch=default&format=html>

Specifically the portion on "Dynamic Module Options"

I also advise reading <https://www.openldap.org/software/man.cgi?query=slappw-argon2&apropos=0&sektion=5&manpath=OpenLDAP+2.5-Release&arch=default&format=html> to see how to use it with command line utilities such as slappasswd.

--Quanah