Sam Tran wrote:
On 7/7/05, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:
Sam Tran wrote:
Hi all,
I compiled FDS from the latest sources.
I migrated a user entry from OpenLDAP to FDS as a test. For that user
entry I tried different password hash schemes for the userPassword
attribute and checked if it was successfully migrated to FDS. Here are
the results:
Did you run this script first -
http://www.directory.fedora.redhat.com/download/openLDAP2Fedora.pl - to
migrate the data that used MD5 passwords?
{CRYPT} --> OK
(MD5} --> FAILED
{SMD5} --> FAILED
{MD5CRYPT} --> OK
{SHA} --> OK
{SSHA} --> OK
I thought that FDS supported MD5 password hash. Did I miss something?
Not sure. I would have expected {MD5} to work but not {MD5CRYPT}. See
above.
Thanks in advance.
Sam
You should not need to run this script to do the migration. This
script just Base64 decodes the userPassword attribute and puts it in
the form {HASH}xxxxxxxx. FDS apparently understands the Base64 encoded
version of the password.
For SHA, SSHA, CRYPT and MD5CRYPT I didn't use this script and the
migration was successful. For MD5 I tried without and with the script:
it was unsuccessful in both cases.
This is really bizarre, because MD5CRYPT should not work at all - it is
not supported by FDS. The only thing I can think is that it is
interpreting the value as clear text.
How did you verify that the migration was successful?
Sam
|
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
