[Pkg-openldap-devel] Upgrading LDAP and password issues
Chuck Peters
cplists at axs.org
Tue Dec 8 15:13:14 UTC 2015
We have two types of password hashes in our LDAP DB, and the older
type isn't authenticating. Has some library changed, is the older
type no longer supported or has some default configuration changed?
A base64 decoded ldif looks something like the following:
userPassword:: {crypt}Aipcuzoh3eiVE
Less than 10% of users have the SSHA hash and the one I tested
authenticates correctly.
Starting with a partial image of our old Debian 6 system, I upgraded
to Debian 7 and it appears the LDAP accounts are authenticating
correctly. When I upgrade to Debian 8, I'm having an issue with the
old hashes, {crypt} appears to be a old Unix DES based hash. I've
spent some time trying to determine why and what to do do about it,
but I'm not making any progress. Any suggestions?
Thanks,
Chuck
More information about the Pkg-openldap-devel
mailing list