Jonathan Barber wrote:
You might try the crypt format. On most linux platforms, system crypt uses MD5.On Mon, Dec 31, 2007 at 02:25:21PM +1100, Joel Heenan wrote:Ok then so from my reading a bit more into how the Linux MD5 sum is calculated it seems that because it includes a salt and is otherwise mangled what I'm attempting to do is impossible and I'll need to get users to set passwords manually. Is this correct?Yes. If you want to postpone having to get your users to reset their passwords, you could try the pam-passthru plugin: http://cvs.fedoraproject.org/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.6&view=autoI was hoping that I could take the Linux PAM MD5 and plonk it inside Directory Server but this doesn't seem possible. Unless there is some plugin designed for this that understands Linux MD5?Not that I know of, but it shouldn't be that difficult to write using the existing pwdstorage plugins as a starting point.
ThanksJoel-----Original Message-----From: fedora-directory-users-bounces@xxxxxxxxxx [mailto:fedora-directory-users-bounces@xxxxxxxxxx] On Behalf Of Jonathan BarberSent: Monday, 24 December 2007 11:49 PM To: General discussion list for the Fedora Directory server project.Subject: Re: Migrating RHEL users to Directory ServerOn Fri, Dec 21, 2007 at 01:51:30PM +1100, Joel Heenan wrote:unix userFedora Directory Users,I have a bunch of users currently using local RHEL 4 localaccounts for their usernames and passwords and I would liketo migratethem to Directory Server. My question concerns the MD5 sum password.I tried adding a user joeltest with password joeltest and Igot hash:This value is the base64 encoded value of the md5 digest of the password, and is the same as the md5 digest of "joeltest": $ echo -n "joeltest" | openssl dgst -md5 -binary | openssl base64 WGvQgGYUH2UOX2ZA1IQeyQ== $JqBiQXU4$gnJeKmNzXy.kaXUaBIygs0 from RHEL but I got hash: WGvQgGYUH2UOX2ZA1IQeyQ==Regards.point me in>From Directory Server when I set the same password.I'm guessing this is to do with further encodings placed on the password hash. Hoping someone has done this before and canthe right direction? Thanks Joel-- Jonathan Barber High Performance Computing Analyst Tel. +44 (0) 1382 386389 -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-usersThe information contained in this e-mail message and any accompanying files is or may be confidential. If you are not the intended recipient, any use, dissemination, reliance, forwarding, printing or copying of this e-mail or any attached files is unauthorised. This e-mail is subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. If you have received this e-mail in error please advise the sender immediately by return e-mail or telephone and delete all copies. Fairfax does not guarantee the accuracy or completeness of any information contained in this e-mail or attached files. Internet communications are not secure, therefore Fairfax does not accept legal responsibility for the contents of this message or attached files. -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
