If yes, where can I find documentation on how to use/enable it?
https://tools.ietf.org/html/rfc3112
The userPassword attribute type [RFC2256https://tools.ietf.org/html/rfc2256] is intended to be used to support the LDAP [RFC2251https://tools.ietf.org/html/rfc2251] "simple" bind operation. However, values of userPassword must be clear text passwords. It is often desirable to store values derived from the user's password(s) instead of actual passwords.
The authPassword attribute type is intended to be used to store information used to implement simple password based authentication.
RFC 3112 - LDAP Authentication Password Schemahttps://tools.ietf.org/html/rfc3112 RFC 3112 LDAP Authentication Password Schema May 2001 hash algorithm/implementation is flawed), the hashing of passwords is intended to be as an additional layer of protection. It is RECOMMENDED that hashed values be protected as if they were clear text passwords. This attribute may be used in conjunction with server side password generation mechanisms (such as the LDAP Password Modify ... tools.ietf.org
Siddharth Jain wrote:
If yes, where can I find documentation on how to use/enable it?
It has never been implemented. The use of {SCHEME} prefixes in userPassword seems to have obviated any need for it.
https://tools.ietf.org/html/rfc3112
The userPassword attribute type [RFC2256 https://tools.ietf.org/html/rfc2256] is intended to be used to support the LDAP [RFC2251 https://tools.ietf.org/html/rfc2251] "simple" bind operation. However, values of userPassword must be clear text passwords. It is often desirable to store values derived from the user's password(s) instead of actual passwords.
The authPassword attribute type is intended to be used to store information used to implement simple password based authentication.
RFC 3112 - LDAP Authentication Password Schema https://tools.ietf.org/html/rfc3112 RFC 3112 LDAP Authentication Password Schema May 2001 hash algorithm/implementation is flawed), the hashing of passwords is intended to be as an additional layer of protection. It is RECOMMENDED that hashed values be protected as if they were clear text passwords. This attribute may be used in conjunction with server side password generation mechanisms (such as the LDAP Password Modify ... tools.ietf.org
openldap-technical@openldap.org