On Mon, Dec 31, 2007 at 02:25:21PM +1100, Joel Heenan wrote: > Ok then so from my reading a bit more into how the Linux MD5 sum is > calculated it seems that because it includes a salt and is otherwise > mangled what I'm attempting to do is impossible and I'll need to get > users to set passwords manually. Is this correct? Yes. If you want to postpone having to get your users to reset their passwords, you could try the pam-passthru plugin: http://cvs.fedoraproject.org/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.6&view=auto > I was hoping that I could take the Linux PAM MD5 and plonk it inside > Directory Server but this doesn't seem possible. Unless there is some > plugin designed for this that understands Linux MD5? Not that I know of, but it shouldn't be that difficult to write using the existing pwdstorage plugins as a starting point. > Thanks > > Joel > > > -----Original Message----- > > From: fedora-directory-users-bounces@xxxxxxxxxx > > [mailto:fedora-directory-users-bounces@xxxxxxxxxx] On Behalf > > Of Jonathan Barber > > Sent: Monday, 24 December 2007 11:49 PM > > To: General discussion list for the Fedora Directory server project. > > Subject: Re: Migrating RHEL users to > > Directory Server > > > > On Fri, Dec 21, 2007 at 01:51:30PM +1100, Joel Heenan wrote: > > > Fedora Directory Users, > > > > > > I have a bunch of users currently using local RHEL 4 local > > unix user > > > accounts for their usernames and passwords and I would like > > to migrate > > > them to Directory Server. My question concerns the MD5 sum password. > > > > > > I tried adding a user joeltest with password joeltest and I > > got hash: > > > > > > JqBiQXU4$gnJeKmNzXy.kaXUaBIygs0 > > > > > > from RHEL but I got hash: > > > > > > WGvQgGYUH2UOX2ZA1IQeyQ== > > > > This value is the base64 encoded value of the md5 digest of > > the password, and is the same as the md5 digest of "joeltest": > > $ echo -n "joeltest" | openssl dgst -md5 -binary | openssl > > base64 WGvQgGYUH2UOX2ZA1IQeyQ== $ > > > > Regards. > > > > > >From Directory Server when I set the same password. > > > > > > I'm guessing this is to do with further encodings placed on the > > > password hash. Hoping someone has done this before and can > > point me in > > > the right direction? > > > > > > Thanks > > > > > > Joel > > > > -- > > Jonathan Barber > > High Performance Computing Analyst > > Tel. +44 (0) 1382 386389 > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@xxxxxxxxxx > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > The information contained in this e-mail message and any accompanying files is or may be confidential. If you are not the intended recipient, any use, dissemination, reliance, forwarding, printing or copying of this e-mail or any attached files is unauthorised. This e-mail is subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. If you have received this e-mail in error please advise the sender immediately by return e-mail or telephone and delete all copies. Fairfax does not guarantee the accuracy or completeness of any information contained in this e-mail or attached files. Internet communications are not secure, therefore Fairfax does not accept legal responsibility for the contents of this message or attached files. > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-directory-users -- Jonathan Barber High Performance Computing Analyst Tel. +44 (0) 1382 386389 -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
