<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Sam Tran wrote:
<blockquote cite="midcee681b005070708299c1598c@mail.gmail.com"
type="cite">
<pre wrap="">On 7/7/05, Rich Megginson <a class="moz-txt-link-rfc2396E" href="mailto:rmeggins@redhat.com"><rmeggins@redhat.com></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Sam Tran wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi all,
I compiled FDS from the latest sources.
I migrated a user entry from OpenLDAP to FDS as a test. For that user
entry I tried different password hash schemes for the userPassword
attribute and checked if it was successfully migrated to FDS. Here are
the results:
</pre>
</blockquote>
<pre wrap="">Did you run this script first -
<a class="moz-txt-link-freetext" href="http://www.directory.fedora.redhat.com/download/openLDAP2Fedora.pl">http://www.directory.fedora.redhat.com/download/openLDAP2Fedora.pl</a> - to
migrate the data that used MD5 passwords?
</pre>
<blockquote type="cite">
<pre wrap="">{CRYPT} --> OK
(MD5} --> FAILED
{SMD5} --> FAILED
{MD5CRYPT} --> OK
{SHA} --> OK
{SSHA} --> OK
I thought that FDS supported MD5 password hash. Did I miss something?
</pre>
</blockquote>
<pre wrap="">Not sure. I would have expected {MD5} to work but not {MD5CRYPT}. See
above.
</pre>
<blockquote type="cite">
<pre wrap="">Thanks in advance.
Sam
</pre>
</blockquote>
</blockquote>
<pre wrap=""><!---->
You should not need to run this script to do the migration. This
script just Base64 decodes the userPassword attribute and puts it in
the form {HASH}xxxxxxxx. FDS apparently understands the Base64 encoded
version of the password.
For SHA, SSHA, CRYPT and MD5CRYPT I didn't use this script and the
migration was successful. For MD5 I tried without and with the script:
it was unsuccessful in both cases.
</pre>
</blockquote>
This is really bizarre, because MD5CRYPT should not work at all - it is
not supported by FDS. The only thing I can think is that it is
interpreting the value as clear text.<br>
<br>
How did you verify that the migration was successful?<br>
<blockquote cite="midcee681b005070708299c1598c@mail.gmail.com"
type="cite">
<pre wrap="">
Sam
</pre>
</blockquote>
</body>
</html>