userPassword
Hans Aschauer
Hans.Aschauer at Physik.uni-muenchen.de
Wed Apr 3 10:57:39 CEST 2002
On Wednesday, 3. April 2002 01:33, dennis at illusions.com wrote:
> Can someone give example code of setting a userPassword attribute to
> an encrypted password with python-ldap?
Hm, I dont know what exactly you want to do. Obviously, the encrypted
password depends on the cryptographic hashing algorithmus you use
(crypt, md5, sha1, etc). If you migrated your users from NIS, this is
probably {crypt}. As far as I know, there exist different
implementations of crypt, so that the result might be platform
dependent.
Here comes the code:
import crypt
passwd = 'mysecret'
salt = "xy"
userPassword = '{crypt}' + crypt.crypt(passwd,salt)
And that's it. userPassword could then be used with the add() method of
the ldap object. The salt string is a two character string and may be
chosen at random (I'm not sure about this, anyway: sometimes it seems
to be just the first two caracteres of the user name...). The salt is
just the first two caracters of the encrypted password, so that it does
not add security to the crypt algorithm.
Diclaimer: dealing with passwords (plaintext _and_ encrypted) is
dangerous. Just be sure that you know what you are doing! Don't use
ldap connections which are not protected by other means!
Hope it helps,
Hans
--
Hans.Aschauer at Physik.uni-muenchen.de
More information about the python-ldap
mailing list