[sork] Fw: Passwd with Openldap

David Wilson dave at dcdata.co.za
Thu May 27 09:43:24 PDT 2004


Hi guys,

I turned up "loglevel" in my slapd.conf and found that I was getting an error about about attempting to bind with an incorrect version number.
I then added "allow bind_v2" to my slapd.conf which appears to have fixes the "incorrect password" issue.

"passwd" in IMP now recognises my old password and says that it's changed the password sucessfully.
Trying to log in with the new password does not work.
Looking at the entry in my LDAP: I see: "userPassword: {crypt}$1$bRTfHZ2.$UgxRWechzjKLmWM7L8SPO/"  
I notice that {crypt} is in lowercase ? I'm not sure if it makes a difference ?

Any suggestions/guidance would be greatly appreciated.


Kindest regards
David Wilson

D c D a t a 
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 83 267 7500
MSN: dave at dcdata.co.za
http://www.dcdata.co.za
support at dcdata.co.za
sales at dcdata.co.za
KZN's first and only pure Linux solution provider
____________________________________________________
LinuxBox S.A.: Africa's shell provider.
Powered by Linux and DcData - driven by passion !
http://www.linuxbox.co.za
----- Original Message ----- 
From: David Wilson 
To: sork at lists.horde.org 
Sent: Thursday, May 27, 2004 5:59 PM
Subject: Passwd with Openldap


Hi guys,

How are you ?
I've used horde and some of it's modules for years and have always found them brilliant.

Currently I've installed an openldap-postfix-courier-imp solution.
All email delivery and IMP is working 100% except for my passwod changing via the "passwd" module.
My users in LDAP are configured as "dn: uid=davew,ou=users,dc=stjohns,dc=net" and my passwords are "crypt" based, (userPassword attribute).
When I change my password in passwd I get "Incorrect Password".
My OpenLDAP, Turba, Horde, IMP and Passwd are all the latest stable versions.
I've also recompiled my PHP with mhash and tried SSHA encryption for passwords but still seem to pick up the same problem.

I've got the following in my slapd.conf (perhaps I've messed up the access here):
index   objectClass  pres,eq
index   mail,cn,uid  eq,sub
access to attribute=userPassword
       by self write
       by anonymous read
       by * none
access to *
        by * read

And the following in my backends.php:
$backends['ldap'] = array(
    'name' => 'St. Johns directory',
    'preferred' => '',
    'password policy' => array(
        'minLength' => 3,
        'maxLength' => 8
    ),
    'driver' => 'ldap',
    'params' => array(
        'host' => 'localhost',
        'port' => 389,
        'basedn' => 'dc=stjohns,dc=net',
        'uid' => 'uid',
//        'realm' => 'dc=stjohns,dc=net', // this will be appended to the username when
                       // looking for the userdn.
//        'userdn' => 'uid=' . Auth::getAuth() . ',ou=users',
        'encryption' => 'crypt',
    )
);



As far as I can see this is all correct ?

Please have a look at this and correct me where I'm wrong.
Thank you.



Kindest regards
David Wilson

D c D a t a 
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 83 267 7500
MSN: dave at dcdata.co.za
http://www.dcdata.co.za
support at dcdata.co.za
sales at dcdata.co.za
KZN's first and only pure Linux solution provider
____________________________________________________
LinuxBox S.A.: Africa's shell provider.
Powered by Linux and DcData - driven by passion !
http://www.linuxbox.co.za


More information about the sork mailing list