Some ldapsearch binaries base64-encode password strings in their output. Not sure if this is what's happening for you, or if you actually have the password string stored as a base64 string in your directory database. If you want to decode the base64 strings, this link might be useful for you: http://www.openldap.org/faq/data/cache/1353.html Nalin Dahyabhai wrote: > On Thu, Jul 05, 2007 at 11:20:52AM -0600, Richard Megginson wrote: > >> Saied W. Andalib wrote: >> >>> Some look like this: >>> >>> userPassword: e1NTSEF9b0lZeWJsWDdPOTNkUVliY215UDZXaDFIdURIQ2tmQjA= >>> >> >> I'm not sure what this is. Fedora DS expects the userPassword to either be >> the clear text value >> userPassword: mypassword >> or a hash with the hash type in the front >> userPassword: {SSHA}POTNkUVliY215UDZXaDFIdURI== >> >> I'm not sure what e1NTSEF9b0lZeWJsWDdPOTNkUVliY215UDZXaDFIdURIQ2tmQjA= is. >> > > The "=" on the end suggests that it's base64, and the example was > missing the extra ":" which would indicate that it is. Decoding that > gives "{SSHA}oIYyblX7O93dQYbcmyP6Wh1HuDHCkfB0". > > Perhaps the value was accidentally converted so that it's actually being > stored that way in the directory, when it shouldn't be. > > HTH, > > Nalin
