Hi!

After having loaded pw-sha2 in OpenLDAP 2.5, I tried to set a new default hashing schema, but I fail to do so using

dn: olcDatabase={-1}frontend,cn=config
changetype: modify
add: olcPasswordHash
olcPasswordHash: {SSHA256}
olcPasswordHash: {SSHA}

----
modifying entry "olcDatabase={-1}frontend,cn=config"
ldap_modify: Object class violation (65)
        additional info: attribute 'olcPasswordHash' not allowed

Before I had tried “replace” instead of “add”, and I tried to place both values in one line as suggested by slapd-config:

       olcPasswordHash: <hash> [<hash>...]
              This option  configures  one  or  more  hashes  to  be  used  in
              generation   of   user  passwords  stored  in  the  userPassword
              attribute during processing of  LDAP  Password  Modify  Extended
              Operations (RFC 3062).  The <hash> must be one of {SSHA}, {SHA},
              {SMD5}, {MD5}, {CRYPT}, and {CLEARTEXT}.  The default is {SSHA}.

The manual page also states:

This setting is only allowed in the frontend entry.

I’m running out of ideas.

Kind regards,
Ulrich Windl