> On 9 Dec 2019, at 22:26, Francesc Guasch <frankie@xxxxxxxxxxxxxxx> wrote: > > El 5/12/19 a les 1:38, William Brown ha escrit: >> > >> Because this is salted, you need to provide the same salt to do the match here. Your MD5 was unsalted is why the match works, so you'll need to do much more work now to do the same "match". >> >> In other words you need to do (in psuedo code) >> >> ... >> >> It should go without saying, but it's a security risk to have userPassword as a field readable and to do matches like this, so I strongly encourage you to consider updating or modifying the application in question to do binds instead :) >> >> Does that help? > > Yes it did ! From now on new users are created with the new format > that is also fully 389-ds compatible. > > I also added a warning on startup for legacy setups and a recommendation > in the docs. Happy to have helped, if you have further questions please let us know! > > thank you guys > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
