Hello all,
To be short : I work for a school and I have to build my own OpenLDAP server to authenticate my users. This server will be used to authenticate different local web applications and our MACBook Pro High Sierra 10.13.6 (about 120 computers)
Everything works except the following : When I create a new user in my OpenLDAP server, the password is encrypted using SHA. People can than connect to the web part of the server to change their password.
When they try to open a session on the Macbook Pro, they receive an error message about a wrong password. (instead the connection to the OpenLDAP server is made and is fine).
I analyzed that and realized that when I create a user, the password looks like : {sha}<hash encryption>. If, using a ldap admin tool, and I change the {sha} with capital letters -> {SHA} and I don't change the hash encryption, I can connect with the computers.
But this time, people cannot authenticate anymore through the web console to change their password !
So it seems my OpenLDAP and my Macs are not storing the password in the same way.
I don't know what to do to make my 2 systems speaking the same langage ...
Any idea is very welcomed
Thanks to all for your help
To be short : I work for a school and I have to build my own OpenLDAP server to authenticate my users. This server will be used to authenticate different local web applications and our MACBook Pro High Sierra 10.13.6 (about 120 computers)
Everything works except the following : When I create a new user in my OpenLDAP server, the password is encrypted using SHA. People can than connect to the web part of the server to change their password.
When they try to open a session on the Macbook Pro, they receive an error message about a wrong password. (instead the connection to the OpenLDAP server is made and is fine).
I analyzed that and realized that when I create a user, the password looks like : {sha}<hash encryption>. If, using a ldap admin tool, and I change the {sha} with capital letters -> {SHA} and I don't change the hash encryption, I can connect with the computers.
But this time, people cannot authenticate anymore through the web console to change their password !
So it seems my OpenLDAP and my Macs are not storing the password in the same way.
I don't know what to do to make my 2 systems speaking the same langage ...
Any idea is very welcomed
Thanks to all for your help