Am 07.06.21 um 16:35 schrieb Michael Ströder:
> On 6/7/21 3:40 PM, Stefan Kania wrote:
>>
>>
>> Am 07.06.21 um 15:29 schrieb Michael Ströder:
>>> To build with libargon2 (which supports all ARGON2 arguments):
>>>
>>> --enable-argon2 --with-argon2=libargon2
>>
>> Now it's compiling but still the same error :-(
>>
>> Jun 07 15:37:24 ldap25-p02 slapd[8154]: olcPasswordHash: value #0:
>> <olcPasswordHash> scheme not available ({ARGON2})
>
> I'm not using writeable cn=config. cn=config is always read-only on my
> system (no -F argument) only used for monitoring with slapdcheck.
>
> FWIW it works for me with 2.5.5 and slapd.conf like this:
>
> moduleload argon2 m=4096 p=3 t=4
> password-hash {ARGON2}
I will try it with slapd.conf
>
> Fun fact: There is no olcPasswordHash attribute in cn=config.
>
I tried it with "olcPassworHash {CRYPT}", just to check if I have a typo
or something like that. And that is working. slapd starts I can create
passwords everything is fine. As soon as I try one of the other {ARGON2}
or {TOTP1}... slapd crashes, so the attribute is valid but I think I
missing something, but I don't know what.
> BTW: Note that choosing ARGON2 parameters is not trivial:
>
> https://openldap.org/hyperkitty/list/openldap-technical@openldap.org/message/4KYTNGJN7ETVO5RAD4W5DP5SMPBLPHA7/
>
The link gives me a nice 404-page
> Ciao, Michael.
>
Stefan
