Stefan Seelmann wrote: > slappasswd creates SSHA password with 4 byte salt. > > Studio creates SSHA passwords with 8 byte salt > > ApacheDS bind operation only works with a 8 byte salt. > > The Studio veryify operation works with both.
Thanks for the investigation, this also explains why plain MD5 and SHA passwords work. > I haven't found a definite receipe how many byte of salt a SSHA password > should contain. Any reference would be welcome. I also didn't find a reference but both seem common. Would it be an option for ApacheDS to support variable length salts in the future? This would remove a blocker for those migrating from OpenLDAP or other servers with a different salt size. =Stefan
signature.asc
Description: OpenPGP digital signature
