On Thu, Mar 16, 2023 at 10:50 AM Quanah Gibson-Mount
wrote:
>
> --On Thursday, March 16, 2023 11:29 AM -0400 Jeffrey Walton
> wrote:
>
> >> This doesn't make sense. You should be using an ldapv3 password modify
> >> operation on the user account in question and letting the server do the
> >> has
--On Thursday, March 16, 2023 11:29 AM -0400 Jeffrey Walton
wrote:
This doesn't make sense. You should be using an ldapv3 password modify
operation on the user account in question and letting the server do the
hashing (and also allows password policies, if deployed, to be used).
If I un
On Thu, Mar 16, 2023 at 10:08 AM Quanah Gibson-Mount
wrote:
>
> --On Saturday, March 11, 2023 7:51 PM +0100 Stefan Kania
> wrote:
>
> > For a rootdn
> > ---
> > dn: olcDatabase={2}mdb,cn=config
> > changetype: modify
> > replace: olcRootPW
> > olcRootPW:
> > {ARGON2}$argon2i$v=19$
--On Saturday, March 11, 2023 7:51 PM +0100 Stefan Kania
wrote:
For a rootdn
---
dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW:
{ARGON2}$argon2i$v=19$m=4096,t=3,p=1$ZGJmZ2lrbmpiZHZzZ3NhdmRzZw$J6eXYSxY4
tDs4l8SdBkIwcAU0OqEEdR0gpFNJ5MSqQs
--
Am 10.03.23 um 20:36 schrieb Quanah Gibson-Mount:
--On Friday, March 10, 2023 7:37 PM +0100 Stefan Kania
wrote:
Am 10.03.23 um 19:24 schrieb Quanah Gibson-Mount:
Ok. I still don't know what 'changing the password via LDIF' means
though.
Generate a password with for example slappassw
--On Friday, March 10, 2023 7:37 PM +0100 Stefan Kania
wrote:
Am 10.03.23 um 19:24 schrieb Quanah Gibson-Mount:
Ok. I still don't know what 'changing the password via LDIF' means
though.
Generate a password with for example slappasswd or argon2 and replace the
attribute userPassword v
Am 10.03.23 um 19:24 schrieb Quanah Gibson-Mount:
Ok. I still don't know what 'changing the password via LDIF' means though.
Generate a password with for example slappasswd or argon2 and replace
the attribute userPassword via a ldif-files
smime.p7s
Description: S/MIME Cryptographic Signa
--On Friday, March 10, 2023 9:00 AM +0100 Stefan Kania
wrote:
Am 09.03.23 um 20:49 schrieb Quanah Gibson-Mount:
--On Thursday, March 9, 2023 7:51 PM +0100 Stefan Kania
wrote:
Another strange thing about passwords on the same machine. As I told you
before, we switch to ssha as paswo
On Thu, Mar 9, 2023 at 1:52 PM Stefan Kania wrote:
>
> Another strange thing about passwords on the same machine. As I told you
> before, we switch to ssha as paswordhash. The server works. But now we
> start to create new passwords with "slappasswd", we are getting a
> {SSHA}. But when change the
Am 10.03.23 um 09:25 schrieb Jeffrey Walton:
On Wed, Mar 8, 2023 at 8:30 AM Stefan Kania wrote:
Am 08.03.23 um 14:11 schrieb Ulrich Windl:
Maybe examine the compiler flags, compiler version and CPU running the binary.
I use the symas-packages from repository. I did not compile it on my
On Wed, Mar 8, 2023 at 8:30 AM Stefan Kania wrote:
>
> Am 08.03.23 um 14:11 schrieb Ulrich Windl:
> > Maybe examine the compiler flags, compiler version and CPU running the
> > binary.
>
> I use the symas-packages from repository. I did not compile it on my
This could be the problem:
https://git
On Wed, Mar 8, 2023 at 9:38 AM Stefan Kania wrote:
> [...]
> kernel: traps: slapd[18020] trap invalid opcode ip:7febaf26a415
> sp:7fc3ad4b69e0 error:0 in libargon2.so.1[7febaf266000+5000]
> [...]
> I think I found the problem:
>
> The host has a 12 year old CPU Intel Xeon E5-2630 . Together with a
Am 09.03.23 um 20:49 schrieb Quanah Gibson-Mount:
--On Thursday, March 9, 2023 7:51 PM +0100 Stefan Kania
wrote:
Another strange thing about passwords on the same machine. As I told you
before, we switch to ssha as paswordhash.
SSHA is rather insecure. The Symas OpenLDAP builds ship w
--On Thursday, March 9, 2023 7:51 PM +0100 Stefan Kania
wrote:
Another strange thing about passwords on the same machine. As I told you
before, we switch to ssha as paswordhash.
SSHA is rather insecure. The Symas OpenLDAP builds ship with ARGON2
support which is advised to use. I've n
Another strange thing about passwords on the same machine. As I told you
before, we switch to ssha as paswordhash. The server works. But now we
start to create new passwords with "slappasswd", we are getting a
{SSHA}. But when change the password via ldif. The password is
never valid. We did it
>>> Stefan Kania schrieb am 08.03.2023 um 13:47 in
Nachricht <7079926e-76af-748c-0447-d1b503dc0...@kania-online.de>:
> Hi to all,
>
> I just installed a fresh 2.5 server with the symas-packages and debian
> 11. I can start the service, but as soon as I try to authenticate for
> example with:
>
I think I found the problem:
The host has a 12 year old CPU Intel Xeon E5-2630 . Together with argon2
as passwordhash there is a problem. As soon as I switrch to SSHA
everything is working fine.
Can someone confirm it?
Thank's to Ulrich for pushing me in the right direction ;-)
Am 08.03.23
Am 08.03.23 um 14:11 schrieb Ulrich Windl:
Maybe examine the compiler flags, compiler version and CPU running the binary.
I use the symas-packeages from repository. I did not compile it on my
own ;-)
smime.p7s
Description: S/MIME Cryptographic Signature
18 matches
Mail list logo