Hi,
Both attributes are in plain text.
ldapsearch, always *encode* userPassword value in base64. Try:
echo "Z290Y2hhCg==" | openssl base64 -d
The result is gotcha too.
Cheers.
Le 11/06/2015 09:48, Jephte Clain a écrit :
hello,
just wondering: when I ldapsearch the userPassword attribute, it is returned as binary:
$ ldapsearch -LLL -H "ldap://xxx:389/" -x -D xxx -W "(uid=xxx)" userPassword dn: uid=xxx,dc=domain,dc=tld userPassword:: Z290Y2hhCg==
however, I created a new attribute with the same schema as userPassword:
attributetype ( runUniv:1.1.2 NAME 'runUnivPassword' DESC 'RFC2256/2307 password for special needs' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
when I search this attribute, it is returned as text:
$ ldapsearch -LLL -H "ldap://xxx:389/" -x -D xxx -W "(uid=xxx)" runUnivPassword dn: uid=xxx,dc=domain,dc=tld runUnivPassword: gotcha
so my question is: does ldapsearch process userPassword as a special case and ask for binary transfer type?
or does slapd return userPassword as binary by default? if so, how do I configure runUnivPassword to be handled the same?
thanks in advance. best regards,