Sorry to reply to my own reply but I think I worked out why it fails.
The phpLDAPadmin encryption uses random Salt (AKA SaltedHash), which I can disable, but would rather not. So how does I use the Perl::SaltedHash to encrypt a plain text word?
Cheers,
Stuart.
From: stuart_cherrington@hotmail.co.uk To: openldap-technical@openldap.org Subject: RE: slappasswd2.4 output issue Date: Tue, 27 Jul 2010 08:39:00 +0000
From: dieter@dkluenter.de To: openldap-technical@openldap.org Subject: Re: slappasswd2.4 output issue Date: Tue, 27 Jul 2010 10:11:45 +0200
Stuart Cherrington stuart_cherrington@hotmail.co.uk writes:
Hi,
I'm writing a script to help my fellow admins automatically creates user accounts in OpenLDAP 2.4. Can provide copy of script if you would like it.
The issue I have is encrypting the plain text word into passwd format, I found the very helpful slappasswd2.4 which seems to work so I put it into my script:
echo $NEWPASS > /tmp/newpass chmod 400 /tmp/newpass slappasswd2.4 -h {crypt} -T /tmp/newpass > /tmp/passenc chmod 400 /tmp/passenc EPASS=`cat /tmp/passenc`
It creates an entry in the passenc file which looks like this:
{crypt}mHUqpeNah1BOQ
But when i use this as a variable to the 'userpassword:' attribute then try to compare passwds within phpLDAPadmin it fails.
Any hints would be appreciated.
Thanks - I always forget to look in the FAQ!!!!
Have adapted it slightly so my script would now say
EPASS=`perl -e 'print("{CRYPT}".crypt("$NEWPASS","SC")."\n");'`
But the comparison option in phpLDAPadmin still fails. AM I doing this right?
Thx - STuart.
-Dieter
-- Dieter Klünter | Systemberatung sip: 7770535@sipgate.de http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6
Get a free e-mail account with Hotmail. Sign-up now. _________________________________________________________________ http://clk.atdmt.com/UKM/go/195013117/direct/01/