[Fedora-directory-users] Migrating RHEL users to Directory Server
Jonathan Barber
j.barber at dundee.ac.uk
Thu Jan 3 11:23:40 UTC 2008
On Mon, Dec 31, 2007 at 02:25:21PM +1100, Joel Heenan wrote:
> Ok then so from my reading a bit more into how the Linux MD5 sum is
> calculated it seems that because it includes a salt and is otherwise
> mangled what I'm attempting to do is impossible and I'll need to get
> users to set passwords manually. Is this correct?
Yes.
If you want to postpone having to get your users to reset their
passwords, you could try the pam-passthru plugin:
http://cvs.fedoraproject.org/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.6&view=auto
> I was hoping that I could take the Linux PAM MD5 and plonk it inside
> Directory Server but this doesn't seem possible. Unless there is some
> plugin designed for this that understands Linux MD5?
Not that I know of, but it shouldn't be that difficult to write using
the existing pwdstorage plugins as a starting point.
> Thanks
>
> Joel
>
> > -----Original Message-----
> > From: fedora-directory-users-bounces at redhat.com
> > [mailto:fedora-directory-users-bounces at redhat.com] On Behalf
> > Of Jonathan Barber
> > Sent: Monday, 24 December 2007 11:49 PM
> > To: General discussion list for the Fedora Directory server project.
> > Subject: Re: [Fedora-directory-users] Migrating RHEL users to
> > Directory Server
> >
> > On Fri, Dec 21, 2007 at 01:51:30PM +1100, Joel Heenan wrote:
> > > Fedora Directory Users,
> > >
> > > I have a bunch of users currently using local RHEL 4 local
> > unix user
> > > accounts for their usernames and passwords and I would like
> > to migrate
> > > them to Directory Server. My question concerns the MD5 sum password.
> > >
> > > I tried adding a user joeltest with password joeltest and I
> > got hash:
> > >
> > > JqBiQXU4$gnJeKmNzXy.kaXUaBIygs0
> > >
> > > from RHEL but I got hash:
> > >
> > > WGvQgGYUH2UOX2ZA1IQeyQ==
> >
> > This value is the base64 encoded value of the md5 digest of
> > the password, and is the same as the md5 digest of "joeltest":
> > $ echo -n "joeltest" | openssl dgst -md5 -binary | openssl
> > base64 WGvQgGYUH2UOX2ZA1IQeyQ== $
> >
> > Regards.
> >
> > > >From Directory Server when I set the same password.
> > >
> > > I'm guessing this is to do with further encodings placed on the
> > > password hash. Hoping someone has done this before and can
> > point me in
> > > the right direction?
> > >
> > > Thanks
> > >
> > > Joel
> >
> > --
> > Jonathan Barber
> > High Performance Computing Analyst
> > Tel. +44 (0) 1382 386389
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
>
> The information contained in this e-mail message and any accompanying files is or may be confidential. If you are not the intended recipient, any use, dissemination, reliance, forwarding, printing or copying of this e-mail or any attached files is unauthorised. This e-mail is subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. If you have received this e-mail in error please advise the sender immediately by return e-mail or telephone and delete all copies. Fairfax does not guarantee the accuracy or completeness of any information contained in this e-mail or attached files. Internet communications are not secure, therefore Fairfax does not accept legal responsibility for the contents of this message or attached files.
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Jonathan Barber
High Performance Computing Analyst
Tel. +44 (0) 1382 386389
More information about the 389-users
mailing list