[389-users] SASL auth problem on bind with Mac OS X 10.4

[Roland Schwingel]

Hi...

Sorry to follow up on my own post but I figured it out. 

> Any clue what is wrong here? Is this a SASL uid mapping problem or is it 
because the user passwords are stored SSHA hashed? I 
> already tried to change the stored password from SSHA to MD5, but it 
does not help SASL auth fails with the same error 
> message. Or is this a hash comparison problem? 

It is indeed the hash problem.
When I switch my password storing to cleartext (BRR!) mac os x 10.4 can 
log in.
But this is nothing I want to have. Is it true that Apple's OpenDirectory 
Servers are also storing
their passwords in cleartext? Can someone with access to an OpenDirectory 
Server
verify this?

I don't want to store clear text passwords... 
Has anyone else 389ds running with Mac OS X 10.4 clients and managed to 
use it without
cleartext passwords?

Thanks,

Roland
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100519/fcd73950/attachment.html>