Hello 

I realized that userPassword in my OpenLDAP directory cannot be validated when
hashed in SSHA-512.
ldapsearch binds fail (err 49), and Shibboleth SSO binding against LDAP
userPassword also fails.
I tried to check the cleartext password against the userPassword field with
ApacheDirectoryStudio; here it works.
I changed the password (resetting the same cleartext one) using SSHA-256 (again
in the ApacheDirectoryStudio interface), then the ldapsearch bind works!

Is there a problem with SSHA-512 hashed userPassword? Maybe something on the
client or server side must be set to use SSHA-512?

Thanks for your advice.
