--On Thursday, September 27, 2007 10:45 PM +0200 Paweł Pałucha
<[EMAIL PROTECTED]> wrote:
Quanah Gibson-Mount wrote:
I'm able to reproduce it using just ldapsearch:
ldapsearch -b 'ou=People,dc=praterm,dc=pl' -D \
'uid=pawel,ou=People,dc=praterm,dc=pl' -x -W
It asks for password and accepts antything that starts with correct
password.
Right, I can't reproduce it using ldapsearch when the {CRYPT} password
is generated by slappasswd.
Can you send me the userPassword value for one of your entries that has
the "1234" password? I can use that value in my DB directly then.
I discovered one more thing - it does not work for password shorter than
8 characters. However it works for 8, 9, 10 and 12 - I haven't try more.
Welcome to the wonderful world of crypt. This is a known limitation of
using crypt passwords, which only check the first 8 characters. This is
why it is recommended to use SSHA type password hashes. I suggest this bug
report be closed.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
