similar to: SSHA with LDAP?

Dear friends, We have samba-3.0.21c-1 under RH9 + openldap 2.3.11 under FC4. When a windows user changes his password using Ctrl-Alt-Del the password is stored on ldap in SSHA format but we need to work with CRYPT because we have some apps that don't support SSHA. These are the lines related with authentication defined in smb.conf: encrypt passwords = yes ldap passwd sync = Yes

hello guys, I'm working on a federal university at Brasil, we already have an openLdap with all users and this base is used to authenticate several services like email, vpn, wireless (RADIUS), and we have also Shibboleth providing SSO. During my studies of Asterisk, i see a lot of people talking about the incapacity of asterisk (more precisely because of SIP) to authenticate against a

Is it possible to take a SSHA password from an ldif and create a proper sambaNTpassword from it? Here's the scenario: the ldap servers in our organization do not have the samba schema installed and the likelihood of that happening is slim. I still want to provide clients with as close to a single sign on solution as possible and I can get an ldif of the accounts I need. However, the

Hi there, I was wondering if someone could explain how dovecot/dovecotpw produces salt for use in ssha passwords, I'd like to replicate this in PHP so I can write my passwords from php in ssha instead of just sha1. Thanks in advance, Andrea Baitis

Hello, I've the following goal to reach : modify the attribute userPassword via a Java method in a Samba LDAP tree. I successfully changed the SSHA password in the LDAP. But I can't open a session with this new password. It seems, that sambaNTPassword et sambaLMPassword must be changed too ... but i don't know how to do it ... Any idea ? Regards -- Herv? H?noch Responsable

I'm confused about the status of auth agent forwarding while using v2 protocols. I found an old newsgroup post that said it was not available but an entry in the ChangeLog entry dated 20001113 seems to indicate that it was added. So. Does agent forwarding work while using v2 protocols? I've been unable to get it to work since I switched to using v2. Thanks, Ben -- Ben Beuchler

Hallo. First of all I'm sorry for my bad english. I have a question about how dovecot use passwords. I have all my mail accounts in a ldap database. The user password are stored in form: {crypt}mypasswd. In dovecot-ldap.conf I have default_pass_scheme = CRYPT. All is working fine. The problem in the crypt scheme is that I can't have passwords more than 8 characters long. So I've tried

I have a dovecot installing working quite well for around 1000 users using passwd-file authentication. I'm moving to LDAP and would sure love to be able to migrate the existing MD5 passwords. I've tried using ldapmodify to set "userPassword" to {CRYPT}$1$H8JE0k5X$y.ptShgYbOgWF.99lX88N1 and {MD5}$1$H8JE0k5X$y.ptShgYbOgWF.99lX88N1 In both cases, ldapmodify exits without errors

Hello, I've got dovecot set up to authenticate against our LDAP server. So far seems to work well. I have two concerns that I haven't been able to find answers for in the documentation or archives. Is there any intention to support "authentication binds" so you don't have to bind as a user with read privileges to everyone's userPassword attribute? For security

I'm looking for a way to figure out which accounts have not been logged in to in over n days. It occurs to me that, perhaps, the way to do this would be to look at the mtime on one of the dovecot-maintained files, like 'dovecot-uidlist'. Is there a particular file that would be modified on (almost) every login, whether it be via POP or IMAP? -Ben -- Ben Beuchler

Hi, I have to bring samba4 as a DC in my setup which currently runs zimbra mail server, I need to migrate all the users with their passwords to samba4. I am able to extract the users and their ssha encrypted passwords, But am unable to set the passwords of these users as ssha. I really don't want to reset the passwords of all the users. Can anybody tell if/how i can set the passwords of users

We are currently running a production mail server using version 0.990.99.11-2 (latest RPM from RHEL/CentOS). We would like to migrate more virtual domains off our courier imap server to dovecot but the courier imap user passswords are stored in LDAP and are SSHA hashed which is not supported by our current version of dovecot (CRYPT only). >From reading the mailing lists this feature is now

Hi, Not sure if this is a PBKAC or not:- root at ds3:/usr/share/postfixadmin# doveadm pw -s SHA512-CRYPT -p password {SHA512-CRYPT}$6$aUgGXP0UshkMj7hY$9JV4yMRsjIe/98CzmglYrMjf.9NJ.FXzxcLE9B0v3doCRUWo2wRncc6hg6VCs0DCUHQbeC/bRDZdGCge/nB/h/ root at ds3:/usr/share/postfixadmin# doveadm pw -t

I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed. I was playing around with different encryption schemes. doveadm pw -l SHA1 SSHA512 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA RPA DES-CRYPT CRYPT SSHA MD5-CRYPT SKEY PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 LANMAN SHA512-CRYPT CLEAR CLEARTEXT SSHA256 NTLM MD5 PBKDF2 SHA256 CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT SMD5 DIGEST-MD5

I'm using RedHat 9 and Samba 3.01rc2. I'm working through the Samba Howto on LDAP but I've no experience of LDAP and I'm struggling to understand what is needed. At the moment when I try to change or set a password with smbpasswd, I get the message "failed to bind to server with dn = etc: Invalid credentials". So can someone clarify any of these points for me. 1. About

Hello, I am doing a samba pdc with ldap. When I try to login to the domain, or access some shares I get this in my ldap logs: Mar 7 16:46:16 localhost slapd[3588]: conn=25 op=4 SRCH base="ou=People,dc=test,dc=org" scope=1 filter="(&(objectClass=posixAccount)(uid=DOMAIN\5CTD))" Mar 7 16:46:16 localhost slapd[3588]: conn=25 op=4 SEARCH RESULT tag=101 err=0 text= My

Hi, just a question: I know that dovecot supports SASL authentication and supports LDAP. Which means that dovecot performs the SASL methods itself and stores the plaintext secret on LDAP. But it is also possible to have the LDAP do the SASL work and dovecot just pass SASL messages through? Even when the LDAP server uses a proprietary SASL method not supported by dovecot? regards Hadmut

I''m working on a definition for activating/deactivating Apache modules on an Ubuntu system. Inside my Apache class I have this definition: define module($ensure) { case $ensure { enabled: { exec { "a2enmod": command => "/usr/sbin/a2enmod $name", logoutput => on_failure,

Hello, am I right, that dovecot can't cope with ldap so authentification is handled by ldap itself? And, for that I have to use {CRYPT} and cannot use other mechanisms as {SMD5} Are there any other possibilities? A --

Hi I would like to simulate dovecot's dovecotpw with a perl script I tried / used use Crypt::SaltedHash; my $csh = Crypt::SaltedHash->new(algorithm => 'SHA-1'); $csh->add($passwd_string); my $salted = $csh->generate; also use Digest::SHA1; use MIME::Base64; $ctx = Digest::SHA1->new; $ctx->add($passwd_string); $ctx->add('salt'); my $salted =