b...@bitrate.net wrote:
On Oct 8, 2013, at 09.56, Dan White dwh...@olp.net wrote:
That was referring to auxprop. In newer versions ( 2.1.23) of Cyrus SASL
there is an undocumented 'pwcheck_method: auxprop-hashed' which you can use
to support hashed passwords, but I do not believe that
On 10/09/13 22:20 -0400, b...@bitrate.net wrote:
On Oct 8, 2013, at 09.56, Dan White dwh...@olp.net wrote:
without olcauthzregexp, a test with ldapwhoami fails, as expected:
ldapwhoami -H 'ldap://aurora.example.com/' -Y 'digest-md5' -U 'flash' -w
''
SASL/DIGEST-MD5 authentication
On Oct 8, 2013, at 09.56, Dan White dwh...@olp.net wrote:
That was referring to auxprop. In newer versions ( 2.1.23) of Cyrus SASL
there is an undocumented 'pwcheck_method: auxprop-hashed' which you can use
to support hashed passwords, but I do not believe that slapd/ldapdb are
supported. I
On 10/07/13 21:49 -0400, b...@bitrate.net wrote:
On Oct 2, 2013, at 09.44, Dan White dwh...@olp.net wrote:
libsasl2, with default configuration, requires that the password be stored
in cleartext, even for PLAIN.
To support {ssha} in this scenario, I recommend you configure your SASL
On Oct 2, 2013, at 09.44, Dan White dwh...@olp.net wrote:
libsasl2, with default configuration, requires that the password be stored
in cleartext, even for PLAIN.
To support {ssha} in this scenario, I recommend you configure your SASL
slapd.conf file to authenticate against saslauthd, which
i've enabled the plain sasl mech, and testing with ldapwhoami works, but
only if the userpassword is left as plaintext. if hashing [ssha] is
used, it fails. a simple bind succeeds. what am i doing wrong?
ldapwhoami -H 'ldap://dsa4.example.com/' -Y 'plain' -U 'flash' -w
''