[prev in list] [next in list] [prev in thread] [next in thread]
List: forgerock-opendj
Subject: Re: [Opendj] Data migration from OpenLDAP to OpenDJ
From: Peter Varga <pvarga () opentext ! com>
Date: 2014-08-01 17:52:48
Message-ID: D7EF88BAAB2C5242B81D889E659BCC488E09977A () otwlxg21 ! opentext ! net
[Download RAW message or body]
[Attachment #2 (text/plain)]
You need to set the ds-cfg-allow-pre-encoded-passwords attribute to ‘true' in the \
default password policy (in config.ldif) or the applicable policy in order to set a \
pre-hashed password.
From: opendj-bounces@forgerock.org [mailto:opendj-bounces@forgerock.org] On Behalf Of \
Ludovic Poitou
Sent: Friday, August 1, 2014 11:30 AM
To: OpenDJ discussion list; Rogério Augusto Rondini
Subject: Re: [Opendj] Data migration from OpenLDAP to OpenDJ
Hi Rogério,
How are the passwords hashed in the instance of OpenLDAP ?
OpenDJ supports both userPassword and authPassword and all of the various schemes to \
hash the passwords. In the past, I don't think this was a major issue. At most, you \
will need to edit via script the userPassword attribute to set the proper prefix to \
the hashed value.
Regards,
Ludo
--
Ludovic Poitou
Product Manager
ForgeRock
On 1 Aug 2014 at 17:04:36, Rogério Augusto Rondini \
(rarondini.paradygma@gmail.com<mailto:rarondini.paradygma@gmail.com>) wrote: Hi all,
I would like to know how to migrate accounts from OpenLDAP to OpenDJ but keep the \
same password. I know (I think) that is not possible to get cleartext password \
(userPassword) in OpenLDAP to send in cleartext to OpenDJ.
Regards,
Rogério Rondini
_______________________________________________
OpenDJ mailing list
OpenDJ@forgerock.org
https://lists.forgerock.org/mailman/listinfo/opendj
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap: \
break-word;-webkit-nbsp-mode: space;-webkit-line-break: after-white-space"> <div \
class="WordSection1"> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">You \
need to set the ds-cfg-allow-pre-encoded-passwords attribute to ‘true' in the \
default password policy (in config.ldif) or the applicable policy in order to set a \
pre-hashed password.<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif""> \
opendj-bounces@forgerock.org [mailto:opendj-bounces@forgerock.org] <b>On Behalf Of \
</b>Ludovic Poitou<br> <b>Sent:</b> Friday, August 1, 2014 11:30 AM<br>
<b>To:</b> OpenDJ discussion list; Rogério Augusto Rondini<br>
<b>Subject:</b> Re: [Opendj] Data migration from OpenLDAP to \
OpenDJ<o:p></o:p></span></p> </div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Hi \
Rogério,<o:p></o:p></span></p> </div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><o:p> </o:p></span></p>
</div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">How \
are the passwords hashed in the instance of OpenLDAP ?<o:p></o:p></span></p> </div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">OpenDJ \
supports both userPassword and authPassword and all of the various schemes to hash \
the passwords.<o:p></o:p></span></p> </div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">In \
the past, I don't think this was a major issue. At most, you will need to edit via \
script the userPassword attribute to set the proper prefix to the hashed \
value.<o:p></o:p></span></p> </div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><o:p> </o:p></span></p>
</div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Regards,<o:p></o:p></span></p>
</div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><o:p> </o:p></span></p>
</div>
<div id="bloop_customfont">
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Ludo<o:p></o:p></span></p>
</div>
<div id="bloop_sign_1406906761984476160">
<div>
<p class="MsoNormal"><span \
style="font-size:10.0pt;font-family:"Helvetica","sans-serif"">-- <br>
Ludovic Poitou<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span \
style="font-size:10.0pt;font-family:"Helvetica","sans-serif"">Product \
Manager<br> ForgeRock<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><o:p> </o:p></span></p>
<p><span style="font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black">On \
1 Aug 2014 at 17:04:36, Rogério Augusto Rondini (<a \
href="mailto:rarondini.paradygma@gmail.com">rarondini.paradygma@gmail.com</a>) \
wrote:<o:p></o:p></span></p> <blockquote \
style="margin-top:5.0pt;margin-bottom:5.0pt"> <div>
<div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Hi \
all, <o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">I \
would like to know how to migrate accounts from OpenLDAP to OpenDJ but keep the same \
password.<o:p></o:p></span></p> </div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">I \
know (I think) that is not possible to get cleartext password (userPassword) in \
OpenLDAP to send in cleartext to OpenDJ.<o:p></o:p></span></p> </div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Regards,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Rogério \
Rondini<o:p></o:p></span></p> </div>
</div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">_______________________________________________
<br>
OpenDJ mailing list <br>
OpenDJ@forgerock.org <br>
https://lists.forgerock.org/mailman/listinfo/opendj <o:p></o:p></span></p>
</div>
</div>
</blockquote>
</div>
</body>
</html>
_______________________________________________
OpenDJ mailing list
OpenDJ@forgerock.org
https://lists.forgerock.org/mailman/listinfo/opendj
--===============5958327785685028564==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic