C2 and LDAP authentication using OpenLDAP

From: Kai-Cheong Chang (kcchanghku@yahoo.com)
Date: Wed Feb 12 2003 - 21:46:32 EST


Dear all,

I tried to set up LDAP authentication on a Tru64 5.1A
BL3 (Enhanced security enabled) against an OpenLDAP
directory (version 2.0.27).

Following the documentation on Internet Express
(version 5.8) and Best Practices (set crypt_passwd:1
in /etc/ldapcd.conf), I finally got it working.
However, I have the following questions:

(1) In the Internet Express Admin. Guide, the
userPassword attribute should be of the form
"{CYRPT}encrypted-string". In my case, I can only
make authentication work with the userPassword
attribute in the form "encrypted-string" (actually, I
found it after I invoked the ldap_passwd command to
change a user password and then this account could
authenticate). If I use the userPassword format
stated in the Internet Express Admin. Guide, I fail to
log in with the LDAP accounts (the edauth entry showed
u_pwd=* rather than the crypted password).

(2) If I use ldap_get_user, I can get the password
fields correctly in /etc/passwd format regardless of
which format I used in the userPassword attribute.

As I plan to have other applications sharing the same
userPassword attribute using the same LDAP tree, it
would be a problem if the userPassword attribute does
not follow the standard.

Any ideas or tweaks available?

Many thanks in advance,
KC Chang
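
Added example, not part of the original post: before several applications share one tree, it helps to know which userPassword form each entry actually carries. The Python sketch below audits an LDIF export and labels every value as scheme-prefixed (the RFC 2307 form), a bare 13-character crypt(3) string, or something else; the DNs, the hash-shaped string and the function names are constructed for illustration.

```python
import base64
import re

# Constructed sample data: a 13-char DES-crypt-shaped string, not a real hash.
_HASH = "ab0123456789A"
_B64 = base64.b64encode(("{CRYPT}" + _HASH).encode()).decode()
SAMPLE_LDIF = (
    "dn: uid=alice,ou=People,dc=example,dc=com\n"
    "userPassword: {CRYPT}" + _HASH + "\n"
    "\n"
    "dn: uid=bob,ou=People,dc=example,dc=com\n"
    "userPassword: " + _HASH + "\n"
    "\n"
    "dn: uid=carol,ou=People,dc=example,dc=com\n"
    "userPassword:: " + _B64 + "\n"   # same value as alice, base64-encoded
)

SCHEME_RE = re.compile(r"^\{([A-Za-z0-9-]+)\}")
# Traditional crypt(3): 2 salt chars + 11 hash chars from [./0-9A-Za-z]
DES_CRYPT_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

def classify(value):
    """Label one userPassword value by its storage form."""
    m = SCHEME_RE.match(value)
    if m:
        return "scheme:" + m.group(1).upper()   # scheme names are case-insensitive
    if DES_CRYPT_RE.match(value):
        return "bare-crypt"                      # crypt string with no {CRYPT} prefix
    return "unprefixed-other"

def audit(ldif):
    """Return {dn: [classification, ...]} for every userPassword value."""
    results, dn = {}, None
    # Unfold continuation lines (a leading space continues the previous line).
    for line in ldif.replace("\n ", "").splitlines():
        if not line.strip():
            dn = None                            # blank line ends the entry
            continue
        attr, _, rest = line.partition(":")
        if rest.startswith(":"):                 # "attr:: <base64>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        if attr.lower() == "dn":
            dn = value
        elif attr.lower() == "userpassword" and dn:
            results.setdefault(dn, []).append(classify(value))
    return results

if __name__ == "__main__":
    for entry, forms in audit(SAMPLE_LDIF).items():
        print(entry, forms)
```

Entries reported as `bare-crypt` are the ones to review before other applications bind against the tree: OpenLDAP's slapd compares a userPassword value that has no `{SCHEME}` prefix as cleartext, so such an entry will not verify the user's real password on a simple bind.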




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:49:07 EDT