[Freeipa-devel] Capturing passwords for migration at bind-time?

[Simo Sorce]

On Thu, 2008-06-26 at 11:14 -0400, John Dennis wrote:
> Nalin Dahyabhai wrote:
> > Would it be useful to also intercept the password used when a simple or
> > SASL/PLAIN bind requests succeed, and take the opportunity to generate
> > the hashes so that we can avoid forcing password changes?
> >   
> How do you plan to intercept the plain text password in IPA? We aren't 
> in control of the services a user is likely to issue a SASL/PLAIN bind 
> to are we?

We control the LDAP server, that's the only SASL/PLAIN bind we care
about.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York