On Mon, Dec 31, 2007 at 02:25:21PM +1100, Joel Heenan wrote:
Ok then so from my reading a bit more into how the Linux MD5 sum is
calculated it seems that because it includes a salt and is otherwise
mangled what I'm attempting to do is impossible and I'll need to get
users to set passwords manually. Is this correct?
If you want to postpone having to get your users to reset their
passwords, you could try the pam-passthru plugin:
I was hoping that I could take the Linux PAM MD5 and plonk it inside
Directory Server but this doesn't seem possible. Unless there is some
plugin designed for this that understands Linux MD5?
Not that I know of, but it shouldn't be that difficult to write using
the existing pwdstorage plugins as a starting point.
> -----Original Message-----
> From: fedora-directory-users-bounces(a)redhat.com
> [mailto:firstname.lastname@example.org] On Behalf
> Of Jonathan Barber
> Sent: Monday, 24 December 2007 11:49 PM
> To: General discussion list for the Fedora Directory server project.
> Subject: Re: [Fedora-directory-users] Migrating RHEL users to
> Directory Server
> On Fri, Dec 21, 2007 at 01:51:30PM +1100, Joel Heenan wrote:
> > Fedora Directory Users,
> > I have a bunch of users currently using local RHEL 4 local
> unix user
> > accounts for their usernames and passwords and I would like
> to migrate
> > them to Directory Server. My question concerns the MD5 sum password.
> > I tried adding a user joeltest with password joeltest and I
> got hash:
> > JqBiQXU4$gnJeKmNzXy.kaXUaBIygs0
> > from RHEL but I got hash:
> > WGvQgGYUH2UOX2ZA1IQeyQ==
> This value is the base64 encoded value of the md5 digest of
> the password, and is the same as the md5 digest of "joeltest":
> $ echo -n "joeltest" | openssl dgst -md5 -binary | openssl
> base64 WGvQgGYUH2UOX2ZA1IQeyQ== $
> > >From Directory Server when I set the same password.
> > I'm guessing this is to do with further encodings placed on the
> > password hash. Hoping someone has done this before and can
> point me in
> > the right direction?
> > Thanks
> > Joel
> Jonathan Barber
> High Performance Computing Analyst
> Tel. +44 (0) 1382 386389
> Fedora-directory-users mailing list
The information contained in this e-mail message and any accompanying files is or may be
confidential. If you are not the intended recipient, any use, dissemination, reliance,
forwarding, printing or copying of this e-mail or any attached files is unauthorised. This
e-mail is subject to copyright. No part of it should be reproduced, adapted or
communicated without the written consent of the copyright owner. If you have received this
e-mail in error please advise the sender immediately by return e-mail or telephone and
delete all copies. Fairfax does not guarantee the accuracy or completeness of any
information contained in this e-mail or attached files. Internet communications are not
secure, therefore Fairfax does not accept legal responsibility for the contents of this
message or attached files.
Fedora-directory-users mailing list
High Performance Computing Analyst
Tel. +44 (0) 1382 386389