Sorry to reply to my own reply but I think I worked out why it fails.

The phpLDAPadmin encryption uses random Salt (AKA SaltedHash), which I can disable, but would rather not. So how does I use the Perl::SaltedHash to encrypt a plain text word?

Cheers,

Stuart.


From: stuart_cherrington@hotmail.co.uk
To: openldap-technical@openldap.org
Subject: RE: slappasswd2.4 output issue
Date: Tue, 27 Jul 2010 08:39:00 +0000



> From: dieter@dkluenter.de
> To: openldap-technical@openldap.org
> Subject: Re: slappasswd2.4 output issue
> Date: Tue, 27 Jul 2010 10:11:45 +0200
>
> Stuart Cherrington <stuart_cherrington@hotmail.co.uk> writes:
>
> > Hi,
> >
> > I'm writing a script to help my fellow admins automatically creates user accounts in OpenLDAP 2.4.
> > Can provide copy of script if you would like it.
> >
> > The issue I have is encrypting the plain text word into passwd format, I found the very helpful
> > slappasswd2.4 which seems to work so I put it into my script:
> >
> > echo $NEWPASS > /tmp/newpass
> > chmod 400 /tmp/newpass
> > slappasswd2.4 -h {crypt} -T /tmp/newpass > /tmp/passenc
> > chmod 400 /tmp/passenc
> > EPASS=`cat /tmp/passenc`
> >
> > It creates an entry in the passenc file which looks like this:
> >
> > {crypt}mHUqpeNah1BOQ
> >
> > But when i use this as a variable to the 'userpassword:' attribute then try to compare passwds
> > within phpLDAPadmin it fails.
> >
> > Any hints would be appreciated.
>
> http://www.openldap.org/faq/data/cache/344.html
>

Thanks - I always forget to look in the FAQ!!!!

Have adapted it slightly so my script would now say

EPASS=`perl -e 'print("{CRYPT}".crypt("$NEWPASS","SC")."\n");'`

But the comparison option in phpLDAPadmin still fails. AM I doing this right?

Thx - STuart.

> -Dieter
>
> --
> Dieter Klünter | Systemberatung
> sip: 7770535@sipgate.de
> http://www.dpunkt.de/buecher/2104.html
> GPG Key ID:8EF7B6C6


Get a free e-mail account with Hotmail. Sign-up now.

Get a free e-mail account with Hotmail. Sign-up now.