El 5/12/19 a les 1:38, William Brown ha escrit: > > Because this is salted, you need to provide the same salt to do the match here. Your MD5 was unsalted is why the match works, so you'll need to do much more work now to do the same "match". > > In other words you need to do (in psuedo code) > > ... > > It should go without saying, but it's a security risk to have userPassword as a field readable and to do matches like this, so I strongly encourage you to consider updating or modifying the application in question to do binds instead :) > > Does that help? Yes it did ! From now on new users are created with the new format that is also fully 389-ds compatible. I also added a warning on startup for legacy setups and a recommendation in the docs. thank you guys _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
