On 7/7/05, Rich Megginson <rmeggins at redhat.com> wrote: > Sam Tran wrote: > > >Hi all, > > > >I compiled FDS from the latest sources. > > > >I migrated a user entry from OpenLDAP to FDS as a test. For that user > >entry I tried different password hash schemes for the userPassword > >attribute and checked if it was successfully migrated to FDS. Here are > >the results: > > > > > Did you run this script first - > http://www.directory.fedora.redhat.com/download/openLDAP2Fedora.pl - to > migrate the data that used MD5 passwords? > > >{CRYPT} --> OK > >(MD5} --> FAILED > >{SMD5} --> FAILED > >{MD5CRYPT} --> OK > >{SHA} --> OK > >{SSHA} --> OK > > > >I thought that FDS supported MD5 password hash. Did I miss something? > > > > > Not sure. I would have expected {MD5} to work but not {MD5CRYPT}. See > above. > > >Thanks in advance. > > > >Sam > > You should not need to run this script to do the migration. This script just Base64 decodes the userPassword attribute and puts it in the form {HASH}xxxxxxxx. FDS apparently understands the Base64 encoded version of the password. For SHA, SSHA, CRYPT and MD5CRYPT I didn't use this script and the migration was successful. For MD5 I tried without and with the script: it was unsuccessful in both cases. Sam
