Import UNIX md5-hash passwords into OpenDirectory LDAP

Discussion in 'Apple' started by Chris.Shenton, Oct 10, 2005.

  1. I've got UNIX systems which store passwords as MD5 hashes, e.g.,

    $1$iFAQDfaqZ$m3zFWQERTcsAYkxJEDxoC1:

    I want to move these accounts to the OpenDirectory LDAP server,
    preferably stored as OpenDirectory rather than the crypt back-end.

    I've been able to take old-style crypt() passwords by prefixing the
    crypt-hash with "{crypt}" then base64encoding the combined string, then
    setting the LDAP attribute

    userPassword::

    with a double-colon. Doing an "ldapadd" with an LDIF file containing
    this works fine: creates the account and I can authenticate.


    I have not been able to do the same with the modern md5-hash form of
    the password, with {crypt} nor {md5} prefixes, with or without
    base64encoding.

    Any clues? My searches have been fruitless.

    Thanks.
     
    Chris.Shenton, Oct 10, 2005
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.