Re: ldap re-creating database
Derrick dman Hudson said:
> SSHA is Salted SHA. The difference between SSHA and SHA is the salt used
> in the beginning (which is also why you can get different values out for
> the same input, which makes it harder to crack). I think
> SSHA is what openldap tends to use when you set a password field.
ahh ok
>
> However, in the slapd.conf file I think it is supposed to be
> plain-text. So either change that line to read rootpw password or type
> in '{SSHA}JuaWFhw+AXDgppTgOJPtpZARL1PpWRoj' as the password.
> When I set up openldap it was a plain-text entry in the config file.
it can be encrypted too, but you need to specify the encryption type
e.g.
password-hash {MD5}
rootpw {MD5}2hpVc0nyXGQbGjaK9bIYpw==
at least it works for MD5, never tried SHA or SSHA
nate
Reply to: