O
Zachary Kotlarek <[EMAIL PROTECTED]> writes:
> {SSHA} will not work with qmail,
Yeah, this bit me in the butt last time I went through this. Thanks
for confirming this.
IMHO it should be documented with flashing red lights in the
lifewithqmail.org/ldap and QLDAPINSTALL docs. At least I'm making
sure I call attention to it in my own install/config/integrate notes,
which I plan to put online shortly.
> but {SHA} and the MD5 hashes will. {SSHA} is the default hash now in
> OpenLDAP, so you'll have to manually specify your desired hash.
Oops, I should have shown this other bit from my slapd.conf file:
# In a previous attempt I found I needed {SHA} as openldap
# defaults to {SSHA} but qmail-ldap didn't work with it.
password-hash {SHA}
My user entry LDIF was added with ldapadd and contained:
# password below is "cshenton" via "slappasswd -h '{SHA}'"
#
userpassword: {SHA}fpZ8ao8TwKbSyQc1JJjjI94ZAFc=
So I figured it would be OK.
I can live without the rebinding but would obviously prefer to get it
working to limit access requirements and improve security here.
Is anybody else using it successfully?
Thanks again.
