[sork] Fw: Passwd with Openldap
David Wilson
dave at dcdata.co.za
Thu May 27 09:43:24 PDT 2004
Hi guys,
I turned up "loglevel" in my slapd.conf and found that I was getting an error about about attempting to bind with an incorrect version number.
I then added "allow bind_v2" to my slapd.conf which appears to have fixes the "incorrect password" issue.
"passwd" in IMP now recognises my old password and says that it's changed the password sucessfully.
Trying to log in with the new password does not work.
Looking at the entry in my LDAP: I see: "userPassword: {crypt}$1$bRTfHZ2.$UgxRWechzjKLmWM7L8SPO/"
I notice that {crypt} is in lowercase ? I'm not sure if it makes a difference ?
Any suggestions/guidance would be greatly appreciated.
Kindest regards
David Wilson
D c D a t a
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 83 267 7500
MSN: dave at dcdata.co.za
http://www.dcdata.co.za
support at dcdata.co.za
sales at dcdata.co.za
KZN's first and only pure Linux solution provider
____________________________________________________
LinuxBox S.A.: Africa's shell provider.
Powered by Linux and DcData - driven by passion !
http://www.linuxbox.co.za
----- Original Message -----
From: David Wilson
To: sork at lists.horde.org
Sent: Thursday, May 27, 2004 5:59 PM
Subject: Passwd with Openldap
Hi guys,
How are you ?
I've used horde and some of it's modules for years and have always found them brilliant.
Currently I've installed an openldap-postfix-courier-imp solution.
All email delivery and IMP is working 100% except for my passwod changing via the "passwd" module.
My users in LDAP are configured as "dn: uid=davew,ou=users,dc=stjohns,dc=net" and my passwords are "crypt" based, (userPassword attribute).
When I change my password in passwd I get "Incorrect Password".
My OpenLDAP, Turba, Horde, IMP and Passwd are all the latest stable versions.
I've also recompiled my PHP with mhash and tried SSHA encryption for passwords but still seem to pick up the same problem.
I've got the following in my slapd.conf (perhaps I've messed up the access here):
index objectClass pres,eq
index mail,cn,uid eq,sub
access to attribute=userPassword
by self write
by anonymous read
by * none
access to *
by * read
And the following in my backends.php:
$backends['ldap'] = array(
'name' => 'St. Johns directory',
'preferred' => '',
'password policy' => array(
'minLength' => 3,
'maxLength' => 8
),
'driver' => 'ldap',
'params' => array(
'host' => 'localhost',
'port' => 389,
'basedn' => 'dc=stjohns,dc=net',
'uid' => 'uid',
// 'realm' => 'dc=stjohns,dc=net', // this will be appended to the username when
// looking for the userdn.
// 'userdn' => 'uid=' . Auth::getAuth() . ',ou=users',
'encryption' => 'crypt',
)
);
As far as I can see this is all correct ?
Please have a look at this and correct me where I'm wrong.
Thank you.
Kindest regards
David Wilson
D c D a t a
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 83 267 7500
MSN: dave at dcdata.co.za
http://www.dcdata.co.za
support at dcdata.co.za
sales at dcdata.co.za
KZN's first and only pure Linux solution provider
____________________________________________________
LinuxBox S.A.: Africa's shell provider.
Powered by Linux and DcData - driven by passion !
http://www.linuxbox.co.za
More information about the sork
mailing list