On 03/15/2013 09:58 AM, Gerhardus Geldenhuis wrote: > Hi > I am using the default Ubuntu 12.10 openldap installation and have inherited > an > existing ldap setup. When I do a slapcat -n 1 > > It shows userPassword entries as follows: > > userPassword:: e2NyeFB0fSQxJEkwKGc3bGJjJFpwL3JndlpCZDBlSPZuZGdoMFczTC8= > > ( password string has been edited... ) > > I am not sure how this is encoded... is there a way to find out? I have tried > md5 which is currently the default encoding for our servers. > > I have also tried slappasswd with various -h option to see if I can recreate > the > same hash if it is a hash. > > I want to add new users using ldif and would like to encrypt/hash their > passwords in a similar fashion if possible. > > Any help would be appreciated.
The double colon after the attribute name means it's Base64 encoded. So decode the base64 and you end up with this: {crxPt}$1$I0(g7lbc$Zp/rgvZBd0eHöndgh0W3L/ which after your mangling still appears to be a CRYPT-MD5 password. /* Wes Hardin */