Jan-Frode Myklebust wrote:
> On 2009-03-09, Michael Ströder wrote:
>>> But, it occurred to me that I'm not fully sure what I'm doing
>>> when creating the SSHA1 hash,
>> If the password is usable afterwards there's nothing wrong with
>> client-side password hashing. The salt should be at least 4 b
On 2009-03-09, Michael Ströder wrote:
> >
> > But, it occurred to me that I'm not fully sure what I'm doing
> > when creating the SSHA1 hash,
>
> If the password is usable afterwards there's nothing wrong with
> client-side password hashing. The salt should be at least 4 bytes long.
Still, I'm un
Zhang Huangbin wrote:
> Michael Ströder wrote:
>> Yes. Other LDAP servers might have a different configuration. Also some
>> servers set other password attributes as well (e.g. the smbk5pwd overlay
>> for OpenLDAP sets Samba password attributes and the Kerberos keys for a
>> heimdal KDC).
>
> How
Michael Ströder wrote:
> Yes. Other LDAP servers might have a different configuration. Also some
> servers set other password attributes as well (e.g. the smbk5pwd overlay
> for OpenLDAP sets Samba password attributes and the Kerberos keys for a
> heimdal KDC).
>
> Ciao, Michael.
>
>
Thanks Mic
Zhang Huangbin wrote:
> Michael Ströder wrote:
>>> so it would be nice to have
>>> the directory server do the hashing instead. I've found the
>>> method:
>>>
>>> passwd_s(user, oldpw, newpw, [serverctrls=None, [clientctrls=None]])
>>>
>>> but are there any way to use that when I don't know the
