NET::LDAP, somewhere the new userPassword gets base64 encoded

I'am using the Perl Net::LDAP Module with openldap-2.3.24 (uses LDAP 
protocol Version 3).

I need to update the userPassword field, the problem is that somewhere in 
the middle the new password i'am giving gets base64 encoded. 

As to my understanding i'am preparing the whole password.

In the password i'am putting first the encoding type: {MD5}, {SSHA}, etc and 
then the hash. No matter what i do, even the supposed encoding type gets 
base64 encoded once in the Server.

I'am not sure if it is Net::LDAP or the server itself who is doing this:

I've tried two diferent perl ways:

1.- Using replace

my $result = $ldap->modify(dn=>$dn, 
replace=>{'userPassword'=>"{MD5}$digest"});

2.- Using extended operations
my $result = $ldap->set_password(user=>$dn, newpasswd => "{MD5}$digest");

In the server the new password "{MD5}$digest" is a big base64 string.

I'am not including the rest of the MD5 or bind stuff, but it's Ok.

Hans Poo
http://www.welinux.cl

0
hans
11/9/2006 10:46:27 PM
perl.ldap 1268 articles. 0 followers. Follow

12 Replies
818 Views

Similar Articles

[PageSpeed] 0


--On Thursday, November 09, 2006 6:46 PM -0400 Hans Poo 
<hans@opensource.cl> wrote:

> I'am using the Perl Net::LDAP Module with openldap-2.3.24 (uses LDAP
> protocol Version 3).
>
> I need to update the userPassword field, the problem is that somewhere in
> the middle the new password i'am giving gets base64 encoded.
>
> As to my understanding i'am preparing the whole password.
>
> In the password i'am putting first the encoding type: {MD5}, {SSHA}, etc
> and  then the hash. No matter what i do, even the supposed encoding type
> gets  base64 encoded once in the Server.
>
> I'am not sure if it is Net::LDAP or the server itself who is doing this:
>
> I've tried two diferent perl ways:
>
> 1.- Using replace
>
> my $result = $ldap->modify(dn=>$dn,
> replace=>{'userPassword'=>"{MD5}$digest"});
>
> 2.- Using extended operations
> my $result = $ldap->set_password(user=>$dn, newpasswd => "{MD5}$digest");
>
> In the server the new password "{MD5}$digest" is a big base64 string.
>
> I'am not including the rest of the MD5 or bind stuff, but it's Ok.

It is supposed to be base64 encoded, what is the problem here?

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
0
quanah
11/9/2006 10:32:08 PM

--On Thursday, November 09, 2006 7:59 PM -0400 Hans Poo 
<hans@opensource.cl> wrote:

> Hi, thank your response:
>
> I prepare the password:
>
> my $digest = md5_base64("foo");
>
> my $result = $ldap->modify(dn=>$dn,
> replace=>{'userPassword'=>"{MD5}$digest"});
>
> The expected result is to have {MD5}rL0Y20zC+Fzt72VPzMSk2A as the value
> for  the userPassword field, but instead i get:
>
> userPassword:: e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB
>
> If i base64 decode this password:
>
> perl -MMIME::Base64 -e 'print decode_base64
> ("e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB"), "\n"; '
>
> I get {MD5}rL0Y20zC+Fzt72VPzMSk2A. For instance the password is encoded
> twice to base64.
>
> Sorry if i'am not seeing something obvious ?, i've been the whole day
> looking in google.

Why are you base64 encoding the value yourself?  There is no need for you 
to do that.  It'll happen automatically when added to the LDAP server.

Basically, you are base64 encoding the word "foo", then then sticking {MD5} 
in front of that.  Then the LDAP server is base 64 encoding that string 
value.

Just remove the

my $digest = md5_base64("foo");

line.

Chance replace to be:

replace=>{'userPassword'=>"{MD5}foo"});


--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
0
quanah
11/9/2006 11:03:08 PM

--On Thursday, November 09, 2006 7:28 PM -0400 Hans Poo 
<hans@opensource.cl> wrote:

> Thanks again Quanah, but snip, it doesn't work, i've put:
>
> replace=>{'userPassword'=>"{MD5}foo"}
>
> But in the database i get:
>
> userPassword:: e01ENX1mb28=
>
> ...that again is:
>
> perl -MMIME::Base64 -e 'print decode_base64 ("e01ENX1mb28="), "\n"; '
>
> {MD5}foo
>
> No matter what i give, it always get base64 encoded, it seems that
> Net::LDAP  doesn't respect the "header of the password: {MD5} in this
> case," that gives  the encoding.

I don't understand why you think that value is wrong.  Because it isn't, it 
is correct.  The *entire string* is *supposed to be* base64 encoded.  I see 
nothing wrong with the value you've presented...

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
0
quanah
11/9/2006 11:18:31 PM
On 9 Nov 2006, at 23:28, Hans Poo wrote:

> Thanks again Quanah, but snip, it doesn't work, i've put:
>
> replace=>{'userPassword'=>"{MD5}foo"}
>
> But in the database i get:
>
> userPassword:: e01ENX1mb28=
>
> ...that again is:
>
> perl -MMIME::Base64 -e 'print decode_base64 ("e01ENX1mb28="), "\n"; '
>
> {MD5}foo
>
> No matter what i give, it always get base64 encoded, it seems that  
> Net::LDAP
> doesn't respect the "header of the password: {MD5} in this case,"  
> that gives
> the encoding.

See http://www.openldap.org/faq/data/cache/1346.html - this confused  
the hell out of me for ages.
0
mike
11/9/2006 11:19:14 PM
Thanks again Quanah, but snip, it doesn't work, i've put:

replace=>{'userPassword'=>"{MD5}foo"}

But in the database i get:

userPassword:: e01ENX1mb28=

....that again is: 

perl -MMIME::Base64 -e 'print decode_base64 ("e01ENX1mb28="), "\n"; '

{MD5}foo

No matter what i give, it always get base64 encoded, it seems that Net::LDAP 
doesn't respect the "header of the password: {MD5} in this case," that gives 
the encoding.

Hans

On Thu, 09 Nov 2006 15:03:08 -0800, Quanah Gibson-Mount wrote
> --On Thursday, November 09, 2006 7:59 PM -0400 Hans Poo 
> <hans@opensource.cl> wrote:
> 
> > Hi, thank your response:
> >
> > I prepare the password:
> >
> > my $digest = md5_base64("foo");
> >
> > my $result = $ldap->modify(dn=>$dn,
> > replace=>{'userPassword'=>"{MD5}$digest"});
> >
> > The expected result is to have {MD5}rL0Y20zC+Fzt72VPzMSk2A as the value
> > for  the userPassword field, but instead i get:
> >
> > userPassword:: e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB
> >
> > If i base64 decode this password:
> >
> > perl -MMIME::Base64 -e 'print decode_base64
> > ("e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB"), "\n"; '
> >
> > I get {MD5}rL0Y20zC+Fzt72VPzMSk2A. For instance the password is encoded
> > twice to base64.
> >
> > Sorry if i'am not seeing something obvious ?, i've been the whole day
> > looking in google.
> 
> Why are you base64 encoding the value yourself?  There is no need 
> for you to do that.  It'll happen automatically when added to the 
> LDAP server.
> 
> Basically, you are base64 encoding the word "foo", then then 
> sticking {MD5} in front of that.  Then the LDAP server is base 64 
> encoding that string value.
> 
> Just remove the
> 
> my $digest = md5_base64("foo");
> 
> line.
> 
> Chance replace to be:
> 
> replace=>{'userPassword'=>"{MD5}foo"});
> 
> --Quanah
> 
> --
> Quanah Gibson-Mount
> Principal Software Developer
> ITS/Shared Application Services
> Stanford University
> GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html


Hans Christian Poo Rocco, Gerente General WeLinux.S.A. 
Of: 672.93.18, Cel: 09-319.93.05, hans@welinux.cl, http://www.welinux.cl
Nataniel Cox # 210 Of 56, Santiago de Chile

0
hans
11/9/2006 11:28:06 PM
Hi, thank your response:

I prepare the password:

my $digest = md5_base64("foo");

my $result = $ldap->modify(dn=>$dn, 
replace=>{'userPassword'=>"{MD5}$digest"});

The expected result is to have {MD5}rL0Y20zC+Fzt72VPzMSk2A as the value for 
the userPassword field, but instead i get: 

userPassword:: e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB

If i base64 decode this password:

perl -MMIME::Base64 -e 'print decode_base64 
("e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB"), "\n"; '

I get {MD5}rL0Y20zC+Fzt72VPzMSk2A. For instance the password is encoded 
twice to base64. 

Sorry if i'am not seeing something obvious ?, i've been the whole day 
looking in google.

Hans







Hans

On Thu, 09 Nov 2006 14:32:08 -0800, Quanah Gibson-Mount wrote
> --On Thursday, November 09, 2006 6:46 PM -0400 Hans Poo 
> <hans@opensource.cl> wrote:
> 
> > I'am using the Perl Net::LDAP Module with openldap-2.3.24 (uses LDAP
> > protocol Version 3).
> >
> > I need to update the userPassword field, the problem is that somewhere 
in
> > the middle the new password i'am giving gets base64 encoded.
> >
> > As to my understanding i'am preparing the whole password.
> >
> > In the password i'am putting first the encoding type: {MD5}, {SSHA}, etc
> > and  then the hash. No matter what i do, even the supposed encoding type
> > gets  base64 encoded once in the Server.
> >
> > I'am not sure if it is Net::LDAP or the server itself who is doing this:
> >
> > I've tried two diferent perl ways:
> >
> > 1.- Using replace
> >
> > my $result = $ldap->modify(dn=>$dn,
> > replace=>{'userPassword'=>"{MD5}$digest"});
> >
> > 2.- Using extended operations
> > my $result = $ldap->set_password(user=>$dn, newpasswd 
=> "{MD5}$digest");
> >
> > In the server the new password "{MD5}$digest" is a big base64 string.
> >
> > I'am not including the rest of the MD5 or bind stuff, but it's Ok.
> 
> It is supposed to be base64 encoded, what is the problem here?
> 
> --Quanah
> 
> --
> Quanah Gibson-Mount
> Principal Software Developer
> ITS/Shared Application Services
> Stanford University
> GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html


Hans Christian Poo Rocco, Gerente General WeLinux.S.A. 
Of: 672.93.18, Cel: 09-319.93.05, hans@welinux.cl, http://www.welinux.cl
Nataniel Cox # 210 Of 56, Santiago de Chile

0
hans
11/9/2006 11:59:30 PM
Thank's to all, there was a trouble in my program  and it never tried the 
Net::LDAP::Extension::SetPassword as i supposed it was doing. 

With this module it worked fine, but always using SMD5, i just give it the 
password without encoding or encoding type heading. 

I will check if there is a chance to use other encodings with this module an 
post later.

I have to say that the traditional replace way (not setpassword) using the 
password in clear like this stores it in clear in the ldap server.

Thank you
Hans

On Thu, 9 Nov 2006 23:19:14 +0000, Mike Whitaker wrote
> On 9 Nov 2006, at 23:28, Hans Poo wrote:
> 
> > Thanks again Quanah, but snip, it doesn't work, i've put:
> >
> > replace=>{'userPassword'=>"{MD5}foo"}
> >
> > But in the database i get:
> >
> > userPassword:: e01ENX1mb28=
> >
> > ...that again is:
> >
> > perl -MMIME::Base64 -e 'print decode_base64 ("e01ENX1mb28="), "\n"; '
> >
> > {MD5}foo
> >
> > No matter what i give, it always get base64 encoded, it seems that  
> > Net::LDAP
> > doesn't respect the "header of the password: {MD5} in this case,"  
> > that gives
> > the encoding.
> 
> See http://www.openldap.org/faq/data/cache/1346.html - this confused 
>  the hell out of me for ages.


Hans Christian Poo Rocco, Gerente General WeLinux.S.A. 
Of: 672.93.18, Cel: 09-319.93.05, hans@welinux.cl, http://www.welinux.cl
Nataniel Cox # 210 Of 56, Santiago de Chile

0
hans
11/10/2006 12:22:41 AM
On Nov 9, 2006, at 5:59 PM, Hans Poo wrote:
> Hi, thank your response:
>
> I prepare the password:
>
> my $digest = md5_base64("foo");
>
> my $result = $ldap->modify(dn=>$dn,
> replace=>{'userPassword'=>"{MD5}$digest"});
>
> The expected result is to have {MD5}rL0Y20zC+Fzt72VPzMSk2A as the  
> value for
> the userPassword field, but instead i get:
>
> userPassword:: e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB

This base64 encoding is done by the LDIF exporter, that is what  
the :: represents. The value held in the directory will be "{MD5} 
rL0Y20zC+Fzt72VPzMSk2A"

What did you use to output the line above? It is not clear to me why  
it was decided to b64 encode the value for LDIF output as the value  
does not contain special characters.

Graham.

0
gbarr
11/10/2006 1:18:52 AM
On 9/11/06 11:03, Quanah Gibson-Mount <quanah@stanford.edu> wrote:

> Why are you base64 encoding the value yourself?  There is no need for you
> to do that.  It'll happen automatically when added to the LDAP server.
> 
> Basically, you are base64 encoding the word "foo", then then sticking {MD5}
> in front of that.  Then the LDAP server is base 64 encoding that string
> value.

If the server's blindly doing that, then it is stupid (IMHO). A more
reasonable way for a server to behave is for it to allow for the user
providing pre-hashed (and formatted) passwords in add and modify operations,
which has the obvious benefit of not sending plaintext passwords over the
wire, and secondly it allows the user to choose which hash algorithm they
want.

We do exactly that in our server (which is why I think it is more reasonable
:-) and it works very well.

> replace=>{'userPassword'=>"{MD5}foo"});

I'd remove the "{MD5}" from that as well.

But as Graham said, likely one of the confusions is that the LDIF dump will
also base64-encode the value.

Cheers,

Chris


0
chrisridd
11/10/2006 6:29:46 AM
It seems very unreasonable, but it may be a problem of openldap, it seems 
that it don't expect the hashing algotithm to be indicated in the string. 

Using set_password (extended control intreface), always SMD5 the given 
password string, and must be given in clear for it to work

I feel compeled to make a test with all te posible combinatios of: no hash 
algorithm, all hash algorithms: MD5, SMD5, SHA, SSHA, pass in clear or base 
64 encoded, and using replace and set_password to set the newpass.

I will post latter the results.

Hans

On Fri, 10 Nov 2006 06:29:46 +0000, Chris Ridd wrote
> On 9/11/06 11:03, Quanah Gibson-Mount <quanah@stanford.edu> wrote:
> 
> > Why are you base64 encoding the value yourself?  There is no need for 
you
> > to do that.  It'll happen automatically when added to the LDAP server.
> > 
> > Basically, you are base64 encoding the word "foo", then then sticking 
{MD5}
> > in front of that.  Then the LDAP server is base 64 encoding that string
> > value.
> 
> If the server's blindly doing that, then it is stupid (IMHO). A more
> reasonable way for a server to behave is for it to allow for the user
> providing pre-hashed (and formatted) passwords in add and modify 
> operations, which has the obvious benefit of not sending plaintext 
> passwords over the wire, and secondly it allows the user to choose 
> which hash algorithm they want.
> 
> We do exactly that in our server (which is why I think it is more 
reasonable
> :-) and it works very well.
> 
> > replace=>{'userPassword'=>"{MD5}foo"});
> 
> I'd remove the "{MD5}" from that as well.
> 
> But as Graham said, likely one of the confusions is that the LDIF 
> dump will also base64-encode the value.
> 
> Cheers,
> 
> Chris


Hans Christian Poo Rocco, Gerente General WeLinux.S.A. 
Of: 672.93.18, Cel: 09-319.93.05, hans@welinux.cl, http://www.welinux.cl
Nataniel Cox # 210 Of 56, Santiago de Chile

0
hans
11/10/2006 1:47:23 PM
Hello, i used: 
ldapsearch -W -D 
cn=Manager,dc=mydomain,dc=cl -x -b 'dc=mydomain,dc=cl' '(uid=myuid)'

Hans

On Thu, 9 Nov 2006 19:18:52 -0600, Graham Barr wrote
> On Nov 9, 2006, at 5:59 PM, Hans Poo wrote:
> > Hi, thank your response:
> >
> > I prepare the password:
> >
> > my $digest = md5_base64("foo");
> >
> > my $result = $ldap->modify(dn=>$dn,
> > replace=>{'userPassword'=>"{MD5}$digest"});
> >
> > The expected result is to have {MD5}rL0Y20zC+Fzt72VPzMSk2A as the  
> > value for
> > the userPassword field, but instead i get:
> >
> > userPassword:: e01ENX1yTDBZMjB6QytGenQ3MlZQek1TazJB
> 
> This base64 encoding is done by the LDIF exporter, that is what  
> the :: represents. The value held in the directory will be "{MD5} 
> rL0Y20zC+Fzt72VPzMSk2A"
> 
> What did you use to output the line above? It is not clear to me why 
>  it was decided to b64 encode the value for LDIF output as the value 
>  does not contain special characters.
> 
> Graham.


Hans Christian Poo Rocco, Gerente General WeLinux.S.A. 
Of: 672.93.18, Cel: 09-319.93.05, hans@welinux.cl, http://www.welinux.cl
Nataniel Cox # 210 Of 56, Santiago de Chile

0
hans
11/10/2006 1:54:32 PM

--On Friday, November 10, 2006 9:47 AM -0400 Hans Poo <hans@opensource.cl> 
wrote:

> It seems very unreasonable, but it may be a problem of openldap, it seems
> that it don't expect the hashing algotithm to be indicated in the string.
>
> Using set_password (extended control intreface), always SMD5 the given
> password string, and must be given in clear for it to work
>
> I feel compeled to make a test with all te posible combinatios of: no
> hash  algorithm, all hash algorithms: MD5, SMD5, SHA, SSHA, pass in clear
> or base  64 encoded, and using replace and set_password to set the
> newpass.

I doubt it is an openldap issue, since people use OpenLDAP with all of 
these password schemes without issue.

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
0
quanah
11/10/2006 7:26:59 PM
Reply:

Similar Artilces:

getting an Base64 encoded attribute from ldap
Hello, I am having a problem getting a base64 encoded attribute from an ldap server.=20 When I am doing an ldapsearch from a unix commandline I get the = attribute correctly: QWxhZGRpbjpvcGVuIHNlc2FtZQ=3D=3D decoding ( decode_base64($encoded) ) it gives me the rigt content Carlsson Bil =C2erebro AB When getting it from Ldap using Net::Ldap I get unencryted somthing like this=20 Carlsson Bil =C2=99erebro=20 I have read nearly everything a could find but didn't anything how to extract the attribute correctly as a base64 as which it is saved in the ldap directo...

make Net::LDAP::LDIF more similar to Net::LDAP
Hi Graham, hi Chris, hi list, I would like to rework Net::LDAP::LDIF a bit so that its API resembles that of Net::LDAP a bit more while still keeping the traditional API. The reason for this is that in application I often need to distinguish between Net::LDAP and Net::LDAP::LDIF because some methods are only implemented on one side. I\'d like to start with a code() method that tries to mimic the Net::LDAP one and I\'d like to extend the Net::LDAP::Entry->update() method so that it takes a Net::LDAP::LDIF object as an argument. The latter one requires a...

[Fwd: make Net::LDAP::LDIF more similar to Net::LDAP]
--------------95D5815B06BDC2BD1A0ABFEB Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit --------------95D5815B06BDC2BD1A0ABFEB Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Mozilla-Status2: 00000000 Message-ID: <40C7B13E.8864E5A0@cs.adelaide.edu.au> Date: Thu, 10 Jun 2004 10:54:22 +1000 From: Sion Camilleri <sion@cs.adelaide.edu.au> Reply-To: sion@cs.adelaide.edu.au X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Graham Barr <gbarr@pobox.com>...

Net::LDAP v0.28, bug in Net::LDAP::Constant, :all not supported
Net::LDAP::Constant no longer supports the :all tag in the export list due to the switch from Exporter to a manual export routine. So, while the following: perl -MNet::LDAP::Constant=:all -e 1 worked fine in 0.2701, it now dies with the error: ":all" is not exported by the Net::LDAP::Constant module at -e line 0 Can't continue after import errors at -e line 0 BEGIN failed--compilation aborted, <DATA> line 197. The documentation for Net::LDAP::Constant still documents the ':all' tag. I am not subscribed to the list, so if some...

Fw: Re: make Net::LDAP::LDIF more similar to Net::LDAP
Am 08.06.2004 um 18:29 Uhr haben Sie geschrieben: > On 8 Jun 2004, at 16:56, peter@adpm.de wrote: > > I\'d like to start with a code() method that tries to mimic the >> Net::LDAP one and >I assume you mean better error handling ? My first goal is having a code() method in Net::LDAP::LDIF. > > I\'d like to extend the > > Net::LDAP::Entry->update() method so that it takes a > > Net::LDAP::LDIF object as an argument. The latter one > > requires a bit of work in Net::LDAP::LDIF to make it > > correct. > Not su...

Net::LDAP and Net:LDAP::LDIF read & add problems
I'm trying to read in a simple LDIF file to add an entry to my LDAP server. Here is the basic routine (extraneous details omitted for brevity and security): $ldif = Net::LDAP::LDIF->new($tmp,"r",onerror => 'warn'); $entry = $ldif->ready_entry(); $ldap = Net::LDAP->new($LDAPSERVER); $result=$ldap->bind("$binddn",password=>"$bindpass",version=>"3"); $result=$ldap->add($entry); Now, everything seems to work until I get to the $ldap->add method. From that I get various versions of the following: object...

Fw: Re: make Net::LDAP::LDIF more similar to Net::LDAP #2
Hi, Am 09.06.2004 um 01:44 Uhr haben Sie geschrieben: > Extending Net::LDAP::Entry to update against LDIF and LDAP objects > could allow the changetype modifications to be to produced. > > This would be really useful to produce changetypes for entry objects by > updating against an LDIF object to produce the changetype LDIF required > up to synchronise entry objects. as Graham posted you can to that already now. Simply create your Net::LDAP::Entry object with the changes option set to TRUE. Having created the ::LDIF object that way you autom...

Net::LDAP and Net:LDAP::LDIF read & add problems #2
I'm trying to read in a simple LDIF file to add an entry to my LDAP server. Here is the basic routine (extraneous details omitted for brevity and security): $ldif = Net::LDAP::LDIF->new($tmp,"r",onerror => 'warn'); $entry = $ldif->ready_entry(); $ldap = Net::LDAP->new($LDAPSERVER); $result=$ldap->bind("$binddn",password=>"$bindpass",version=>"3"); $result=$ldap->add($entry); Now, everything seems to work until I get to the $ldap->add method. From that I get various versions of the following: obj...

Net:Net:Net::LDAP::FAQ
------_=_NextPart_001_01C6429F.D89AA417 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hello, Net::LDAP Net::LDAPS Is there a possible to LDAP bind with an encrypted (SHA, SSHA, CRYPT, ....) password? I don't like to write the secret password to the perl file. Best regards Barbara Wilbert ------_=_NextPart_001_01C6429F.D89AA417-- Wilbert Barbara (CI/OSI) * wrote: > Hello, > > Net::LDAP > Net::LDAPS > > Is there a possible to LDAP bind with an encrypted (SHA, SSHA, CRYPT, > ......

Net::LDAP & LDAP Decoding Error
--mvpLiMfbWzRoNl4x Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello! I have a question about an LDAP query with Net::LDAP. I send queries to an OpenLDAP server (version 2.2.24). The queries are very simple and intended to detect already existing user entries. The code that prepares and sends the query looks like this: $filter =3D "(uid=3D".$username.")"; $filterobj =3D Net::LDAP::Filter->new($filter); $lres =3D $ldap->search( base =3D> $base, s...

Net::LDAP based LDAP server available?
Hi, has anybody tried to build an LDAP server based on Net::LDAP or Convert::ASN1 yet? Thanks for any hint. Enrik ...

Secure LDAP (ldaps)
hi I have implemented ldap authentication in our application using the sample given in "LDAP using EAServer and Powerbuilder" document. It is succefully implemented. But the network people has asked me to connect on secure port (ldaps) now. My problem is i don't know what i kind of setting i should do now on EAServer box and what i should do on the clients. I assume there is nothing to be done on the client because the call to ldap check is initiated from the EAServer Server to LDAP server using EJB (calling JNDI API). We are runnig EAServer on JDK 1.3. Can someone g...

Net::LDAPS new connection
Hi, probably I'm doing something wrong, but I am not able to connect to an LDAPS server more than one time in a script on a Linux machine. The first connect succeeds as expected, after having done some work I disconnect from the server ($oLDAP->disconnect and/or $oLDAP->unbind) and undef( $oLDAP ). After that I am not able to connect again - neither to the same server nor to a different one. I read that one can have only one LDAPS connection at a time, but how can I have more than one connection after having diconnected the previous one in a script. Using Net::LDAP on port...

Using /etc/ldap.conf to get hostnames of LDAP servers
Is there a way to get Net::LDAP to use the system configuration file to get the hostnames to connect to? Passing "", undef, or nothing to Net::LDAP->new doesn't seem to do anything other than fail. I could always open the configuration files, but that is slightly painful, given that the first of the vagaries is that it could be /etc/ldap.conf (fedora), /usr/local/etc/ldap.conf (fBSD), or /etc/ldap/ldap.conf (debian). Thanks in advance, Pi -- I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know ...

Web resources about - NET::LDAP, somewhere the new userPassword gets base64 encoded - perl.ldap

Lightweight Directory Access Protocol - Wikipedia, the free encyclopedia
Directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, ...

Website Security for Webmasters
Users are taught to protect themselves from malicious programs by installing sophisticated antivirus software, but they often also entrust their ...

鍏ㄥ浗鏅€氶珮绛夋暀鑲叉暀鏉愮綉
鐢ㄦ埛鍚嶏細 瀵嗙爜锛?input type="password" name="userpassword" size="10" id="login_password"/> 鐧诲綍 娉ㄥ唽 棣?椤?/div> 鏀跨瓥鍏憡 楂樻牎鏁欐潗 鏁欐潗璇勪粙 鍦版柟涓撴爮 鍜ㄨ闂瓟 鎼滅储绯荤粺锛? ...

CutePDF :: SDK :: Custom PDF Writer
Integrating custom PDF Writer with your application is quite easy. You can print to the PDF Printer driver just as you would any other printer. ...

Set up a Trusted Path
The counterpart to needing trustworthy channels(see Section 7.12 )is assuring users that theyreally are working with the program or system they ...

App Developer API - Transporter
/** * registerAppKey - Call with appKey on first run / install * * - [IN] appKey: An application Key for the app; unique for every application ...

linux.redhat.release.nahant.general (date)
osdir.com mailing list archive F.A.Q. -since 2001! Monthly Indexes 2006-05 2006-04 2006-03 2006-02 2006-01 2005-12 2005-11 2005-10 2005-09 2005-08 ...

Create a Fast Boot Option
TucsonTJ asked the Answer Line Forum for a fast, slimmed-down alternative way to boot Windows.

svn blame
This documentation was written to describe Subversion 1.0. If you are running a newer version of Subversion, we strongly suggest that you visit ...

UPDATE 1-LinkedIn breach puts site's reputation on the line
* Experts say breach may be more serious than disclosed* Dearth of information leaves some customers unhappy* LinkedIn trades at lofty premium ...

Resources last updated: 11/21/2015 5:53:14 PM