Andor

Asked: 2015-06-10 04:47:04 +0800 CST2015-06-10 04:47:04 +0800 CST 2015-06-10 04:47:04 +0800 CST

Multiple passwordStorageScheme values on same user on 389ds / FreeIPA

I have deployed a FreeIPA identity solution which is backed inside by a 389 directory server.

Due to the need of periodically syncing user passwords to another platform (Google Apps for Work), I need the user account storage schemes to be SHA1 instead of SSHA (salted SHA).

I could easily switch the passwordStorageScheme to SHA, but I don't know if IPA relies on the password being SSHA and I would break something, so:

Can I 'happily' switch from SSHA to SHA passwordStorageScheme withouth breaking anything?
Instead of that, can I configure 389 to save an additional hash in a custom attribute (lets say, 'userPasswordSHA'), each time a password changes, so I can easily dispose of both?

Multiple passwordStorageScheme values on same user on 389ds / FreeIPA

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Multiple passwordStorageScheme values on same user on 389ds / FreeIPA

0 Answers