On Tue, 2003-01-14 at 12:46, Dan Melomedman wrote:
> Matthew Crocker wrote:
> > Encryption of the userPassword attribute is done by the LDAP server.
> > The attribute is stored as {ENC_TYPE}HASH where ENC_TYPE is the valid
> > encryption types supported by the LDAP server (CRYPT,MD5,SHA1 ...) and
> 
> First, hashing is not encryption. 

Hrm, maybe you are right but I have always heard of an MD5 HASH but it
is just semantics.  Let me rewrite that line as
{ENC_TYPE}ENCRYPTED_STRING where ENC_TYPE = ... and ENCRYPTED_STRING is
the encrypted version of the password using the mentioned encryption
type.

> 
> > HASH is the encrypted password.  QMAIL-LDAP simply attempts to bind to
> > the LDAP server as the DN using the user supplied password. If it works
> > the password is correct.   QMAIL-LDAP doesn't need to know how the
> > password was encrypted.  This also allows you to have different
> > encryption settings for users so you can migrate to a new scheme
> 
> Second, this isn't how everybody's qmail-ldap is configured.

Thanks for your insight. Maybe it would be better to explain the other
options.  I know it is harder to provide constructive criticism and all.
-Matt
-- 
Matthew Crocker <[EMAIL PROTECTED]>
Crocker Communications, Inc.
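
The {ENC_TYPE} prefix format discussed in this thread, as an added example that is not part of the original messages or of qmail-ldap: it parses a userPassword value, checks a candidate password the way a server-side compare would, and flags entries still on an older scheme. It assumes the RFC 2307-style schemes {MD5}, {SMD5}, {SHA} and {SSHA} as OpenLDAP stores them; the function names and the choice of {SSHA} as the migration target are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import re

# scheme -> (hashlib name, digest length, salted?). Salted schemes store
# base64(digest + salt); unsalted ones store base64(digest) only.
SCHEMES = {
    "MD5": ("md5", 16, False),
    "SMD5": ("md5", 16, True),
    "SHA": ("sha1", 20, False),
    "SSHA": ("sha1", 20, True),
}

def parse_user_password(value):
    """Split '{SCHEME}payload' into (SCHEME, payload); no prefix gives (None, value)."""
    m = re.fullmatch(r"\{([A-Za-z0-9-]+)\}(.*)", value, re.S)
    return (m.group(1).upper(), m.group(2)) if m else (None, value)

def make(scheme, password, salt=b""):
    """Build a stored value (hypothetical helper, used for the constructed samples)."""
    algo, _, _ = SCHEMES[scheme]
    digest = hashlib.new(algo, password.encode() + salt).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest + salt).decode())

def verify(stored, candidate):
    """Recompute the one-way digest of candidate and compare; nothing is decrypted."""
    scheme, payload = parse_user_password(stored)
    if scheme not in SCHEMES:
        raise ValueError("unsupported or missing scheme: %r" % scheme)
    algo, dlen, salted = SCHEMES[scheme]
    raw = base64.b64decode(payload, validate=True)
    digest, salt = raw[:dlen], raw[dlen:]
    if len(digest) != dlen or bool(salt) != salted:
        return False  # truncated digest, or salt present/absent against the scheme
    calc = hashlib.new(algo, candidate.encode() + salt).digest()
    return hmac.compare_digest(calc, digest)

def needs_migration(stored):
    """Assumed policy: anything not already {SSHA} is re-hashed at next login."""
    return parse_user_password(stored)[0] != "SSHA"

if __name__ == "__main__":
    # Constructed sample entries, one per scheme, all for the password "password".
    samples = [make("MD5", "password"), make("SHA", "password"),
               make("SSHA", "password", b"\x01\x02\x03\x04")]
    for s in samples:
        print(s, verify(s, "password"), needs_migration(s))
```
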
