> I'm trying to modify the userPassword value from within a > perl script using Perl::LDAP. > I generate an encrypted pwd in perl and then write it to FedoraDS via > ldap->modify > The update seems successfull but when I query FedoraDS > afterwards the string in userPassword is not the same as the > one I generated. What exactly is happening in the background > giving this result? I tried writing the same value to another > attribute (eg mail) and then it is as expected. > What's the best way to update the userPassword from within perl? This page offers some advice for creating SHA and SSHA passwords (which your directory is likely doing) using various languages: http://www.openldap.org/faq/data/cache/347.html You could use one of those snippets to do your own hashing prior to updating the userPassword attribute. You could also use one of those snippets in your verification routine: Generate a hash in perl using the same algorithm used by your directory, and compare the perl-generated hash to the one stored in the userPassword attribute. If the two hashes are the same, it is extremely probable (almost certain) that the passwords they obscure are the same. (Note to crypto geniuses: please be gentle if I am wrong ;) Justin
