Hi Guys
Im adding users data to the ldap from external program or client , There im sending UserPasswrd in clear text .
So Is there any configuration directive in opendap where we can force openldap to store receiving clear text password in SSHA format .
Please advice
Thank You Dhanushka
Hi,
On Thu, 11 Jun 2015, parakrama55 . wrote:
Hi Guys
Im adding users data to the ldap from external program or client , There im sending UserPasswrd in clear text .
So Is there any configuration directive in opendap where we can force openldap to store receiving clear text password in SSHA format .
use the ppolicy overlay and the ppolicy_hash_cleartext feature.
man slapo-ppolicy
ppolicy_hash_cleartext Specify that cleartext passwords present in Add and Modify requests should be hashed before being stored in the database. This violates the X.500/LDAP information model, but may be needed to compensate for LDAP clients that don't use the Pass- word Modify extended operation to manage passwords. It is rec- ommended that when this option is used that compare, search, and read access be denied to all directory users.
Greetings Christian
Please advice
Thank You Dhanushka
"parakrama55 ." parakrama1282@gmail.com writes:
Im adding users data to the ldap from external program or client , There im sending UserPasswrd in clear text .
So Is there any configuration directive in opendap where we can force openldap to store receiving clear text password in SSHA format .
If you change the userPassword attribute via the plain LDAP modify operation, it will be stored as given (at least by default).
openldap-technical@openldap.org
-
Christian Kratzer -
Ferenc Wagner -
parakrama55 .