Hashed password import into LDAP

Similar Messages

• Insert a hashed password into OID

  I have the need to migrate all user accounts (stored in a custom table) into OID as we are moving over all login to Single Sign On
  Within our custom table, we store the Application username and password (hashed using DBMS_OBFUSCATION_TOOLKIT.MD5 function)
  What I would like to do is migrate these hashed passwords into OID so the users can keep the same passwords as are been currently used in the Application
  I have been playing around with the "No Encryption" option in OID as well as the "Userpassword reversable Encryption" attribute in the Password Policy for Realm area but with no real joy
  Any suggestions would be welcome otherwise I will have to issue new passwords to all users
  Regards
  Duncan

  If you only need plain SSO you probably can get this to work. LDAP allows storing hashed passwords, and MD5 if I am not mistaken should be supported on OID. EUS (Database authentication) wont probably work, but SSO should be fine.
  See note 261780.1, you need to prepend the hash type, and it needs to be base64 encoded. On a LDIF file it should look like this:
  userpassword: {MD5}IUg245aBlYtKEGVI1N1gfg==
  I never tested this, so good luck. But if you cannot get it to work you can do this the hard way, store the hash on some other attribute, like pager or facsimiletelephonenumber, and implement a ldapcompare and ldapbind plugin to replace the password validation with a custom package.
  Regards,
  Luis

• Migrate users from qmail to sun messaging  (import MD5 hashed passwords)

  Hi,
  we are planning to migrate about 2000 users from our current mail system (qmail + openldap) to Sun Messaging 6.2.
  We have encountered a problem with user password migration. In our current ldap user passwords are MD5 encrypted, but it appears as Directory 5.2 does not support MD5 encryption method.
  This is what I have found :
  http://docs.sun.com/source/817-7616/config.html#wp26092
  The following encryption types are supported by Directory Server:
  * SSHA (Salted Secure Hash Algorithm) is the recommended method as it is the most secure.
  * SHA (Secure Hash Algorithm). This is the method supported by 4.x Directory Servers.
  * CRYPT is the UNIX crypt algorithm. It is provided for compatibility with UNIX passwords.
  * If this attribute is set to CLEAR, passwords are not encrypted and appear in plain text.
  We want to import MD5 hashed passwords so users can use their old password after we migrate to SUN, but as passwords are updated they will be SSHA hashed.
  We only have a problem with importing MD5 hashed passwords in ldap directory.
  Current password on openLDAP are created with the following PHP code:
  $info["userPassword"]= '{md5}' . base64_encode(pack('H*', md5($passwd)));
  I have tried to copy userpassword value from openldap to directory but the directory ignores {md5} and hashed the string again using SSHA.
  Example:
  cleartextpass: password
  md5_base64_hash={MD5}X03MO1qnZdYdgyfeuILPmQ==
  after ldap modify userpassword field loks like this:
  userpassword:{SSHA}a+dFsejrTGwQAgdU07kkgzWWOC16SiIW2UsPcQ==
  What is the correct procedure to import MD5 hashed passwords in Sun Directory?
  (NS-MTA-MD5 Password Storage Plug-In is enabled)

  Sun Directory 5.2 has a plugin NT-MTA-MD5 which should enable users to authenticate with MD5 hashed passwords.
  I have checked in cn=config and NS-MTA-MD5 plugin is enabled.
  I have tried with {NS-MTA-MD5} prefix and still directory does not allow users to authenticate.
  Example:
  cleartextpass: foo
  md5_base64_hash={NS-MTA-MD5}rL0Y20zC+Fzt72VPzMSk2A==
  after ldap modify userpassword field loks like this( NS-MTA-MD5 is accepted by directory):
  userpassword:{NS-MTA-MD5}rL0Y20zC+Fzt72VPzMSk2A==
  but
  ldap bind fails with "invalid credentials" error
  We are using solaris 10 so I tried using the prefix {crypt} and it did not work. You said something about the right config in /etc/security/crypt.conf. Here is the content of my crypt.conf file:
  1 crypt_bsdmd5.so.1
  2a crypt_bsdbf.so.1
  md5 crypt_sunmd5.so.1
  This should be the right config "md5 crypt_sunmd5.so.1"
  Am I missing something here?
  Is there anything else I need to do to enable directory to use MD5 hashed passwords?
  Maybe NS-MTA-MD5 plugin is not enough?

• Passwords in CSV format. How do I convert to HTML for import into Firefox

  Converted Norton Identity Safe passwords to CSV format. Import into Firefox needs file in HTML format. What is that format?

  Password Exporter also supports the XML format.
  You can check the format to see what is easier to convert.
  * Password Exporter: https://addons.mozilla.org/firefox/addon/password-exporter/

• Import netscape.ldap.* ; is it not supported in Sun one LDAP server

  import netscape.ldap.*;
  is the above line not supported n Sun One LDAP directory Server
  if that is the case what should i do
  wenever i compile my code the error tat comes up is : package netscap.ladp does not exists
  need help immediately
  my code is as follows
  import netscape.ldap.*;
  import java.util.*;
  * Simple search program to experiment with filters
  public class SearchFilter {
  * Do a subtree search using a specified filter
  * @parm args host, port, authDN, password, baseDN, filter
  public static void main(String[] args) {
  if (args.length != 6) {
  System.out.println("Usage: java FilterSearch " + "<host> <port> " + "<authdn> <password> " + "<baseDN> <filter>");
  System.out.println("Example:");
  System.out.println(" java FilterSearch " + "localhost 389 " + "\"\" \"\" " + "\"o=airius.com\" " + "\"(|(cn=sam*)(cn=b*))\"");
  System.exit(1);
  }

  Couldn't you download the netscape.ldap package (iPlanet LDAP SDK) and put its jars in your app classpath?
  The suggested way to replace netscape.ldap package is to use only JNDI calls, but maybe they can not fulfill all your needs.
  By the way, you can get the source code for that package in Mozilla.org site.
  (Note: if you are using Netscape LDAP SDK for parsing/generating ASN.1 streams including X.509 certificates, try using BouncyCastle instead of netscape.ldap.ber.stream package - I had to modify several classes from Netscape's package that is not meant to handle certificates, but LDAP streams...)

• Do employee ID get imported into SRM when ECC HR org trasfer via ALE

  Hi All,
  We are implimenting SAP SRM 7.00 EHP1 which will integrate with out existing ECC system. We are planning to import SAP HR organization structer to SAP SRM system via ALE message type HRMA_ABA.
  My doubts:
  1. Do the employee ID will imported into SRM throgh via ALE message type HRMA_ABA ?
  2. Do the empoyee will created as a SRM user automatically(USER_GEN is for manuall creation) when imported via ALE ?
     - if not, how can I create a employee ID as SRM user automatically ?
     - if yes, what whould be password of the employee ID when it will transfer via ALE ?
  3. We are planning to use Portal independent access for SRM 7.0. We will use NWBC for access SRM. If the    SRM user will create authomatically, how can I assign role(PFCG role) to the emplyee ID ?
  Thanks,
  BR,
  Jennifer

  yes you can.. go though below docs
  Note 312090 - Integration HR - EBP/CRM and
  https://websmp201.sap-ag.de/~form/sapnet?_FRAME=CONTAINER&_OBJECT=011000358700000310782007E and
  http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/f04782bd-8c01-2c10-b8ab-edd4e9d34cb7&overridelayout=true

• Indexing Hashed Password

  Hi All
  We have a requirement to index SHA encrypted passwords in our LDAP user database. My next question is that we will be authenticating users using JNDI connecting to LDAP. I am wondering if anyone has tried this.
  Thanks

  Why do you need to index passwords? Will you be doing searches like
  (userPassword={SSHA}jakls09asd0asd89===)
  Seems strange, but you should be able to create an index for userPassword to index the hashed values. Just use the usual method for creating an index for an attribute.

• Can't Import into DW6

  Newbie... but have created a BC site from inside Dreamweaver .... works fine... input username and password...etc.
  Then tried to import a site I created through the BC partner port ... the site on BC shows up on the import site menu in dreamweaver .. but then I get a "cannot connect to server message."
  What is the solution to fix this.
  Thank you,
  Karen

  Nope it continues.... I discovered the adobe live chat ... the issue has now been escalated... I gave them my password and the had the same problem importing the site created in BC into Dreamweaver.  I went through three different people and several hours 
  the Basic site I created through Dreamweaver imports fine... same account.  The problem is I need the template on BC...  for the client I'm working with. 
  Thanks for getting back to me
  Karen Kelly
  [email protected]
  509-599-4476
  Date: Wed, 22 Aug 2012 17:13:16 -0600
  From: [email protected]
  To: [email protected]
  Subject: Can't Import into DW6
      Re: Can't Import into DW6
      created by mario_gudelj in Business Catalyst - View the full discussion
  Hi Karen, Was this some kind of temporary connection issue or does it still persist?  Please check your Site Settings in DW and make sure that the FTP details are setup for that site. Also, if you're on a Windows machine make sure you don't have some kind of security software blocking DW from making a connection. Perhaps a firewall or one of those anti-virus packages that can control connections. Cheers, -mario
       Replies to this message go to everyone subscribed to this thread, not directly to the person who posted the message. To post a reply, either reply to this email or visit the message page: http://forums.adobe.com/message/4641117#4641117
       To unsubscribe from this thread, please visit the message page at http://forums.adobe.com/message/4641117#4641117. In the Actions box on the right, click the Stop Email Notifications link.
       Start a new discussion in Business Catalyst by email or at Adobe Forums
    For more information about maintaining your forum email notifications please go to http://forums.adobe.com/message/2936746#2936746.

• Import into Consolidation system failed

  Hello,
  We are on NW04s and tryign to import ESS component and other standard components like SAP_JEE,SAP_BUILDT into the Consolidation system and import fails in between with the CBS Log as:
  Build number assigned: 7851
  Change request state from QUEUED to PROCESSING
  INTERNAL BUILD request in Build Space "D77_ESS11ADC_C" at Node ID: 778,177,350
       [id: 7,845; parentID: 7,539; type: 32]
  REQUEST PROCESSING started at 2007-12-14 23:25:37.149 GMT
  ===== Pre-Processing =====
  Calculate all combinations of components and variants to be built...
       "sap.com/ess/jp/fam" variant "default"
  Prepare build environment in the file system... started at 2007-12-14 23:25:37.227 GMT
       Synchronize development configuration... finished at 2007-12-14 23:25:37.227 GMT and took 0 ms
  Development line state verification started at 2007-12-14 23:25:41.336 GMT
  Verification of the development line [ws/ESS11ADC/sap.com_SAP_ESS/cons/active/] SUCCEEDED
  Development line state verification finished at 2007-12-14 23:25:41.352 GMT and took 16 ms
  Cache verification, level 2 (Comparison of attributes) started at 2007-12-14 23:25:41.352 GMT
  Verification of the following object:
       [DC: sap.com/ess/jp/fam, group: 0] SUCCEEDED
  Cache verification finished at 2007-12-14 23:25:41.368 GMT and took 16 ms
       Synchronize component definitions... finished at 2007-12-14 23:25:41.446 GMT and took 4 s 219 ms
       Synchronize sources...
  ===== Pre-Processing =====  finished at 2007-12-14 23:25:50.227 GMT and took 13 s 78 ms
  Change request state from PROCESSING to FAILED
  ERROR! The following error occurred during request processing:java.lang.OutOfMemoryError
  Unknown reason (java.lang.OutOfMemoryError)
  REQUEST PROCESSING finished at 2007-12-14 23:25:50.243 GMT and took 13 s 94 ms
  What can be dome to fix the OutOfMemory Error...?
  Any help would be highly appreciated..

  Hi Shikhil,
  Please do the follwoing
  1. Incrrease the memory size by navigating to Check the CBS settings in the Visual Administrator->Services->Component Build Service-> Tab 'Properties' 
  2.Refer to this thread
  CMS Error importing into Consolidation System
  3.SAP NOTE 723909
  Thanks
  Pankaj

• Photos imported into wrong folder

  When running an import and setting destination to import into subfolder organised by date (2011/2011-04-29) the ophotos taken late in the day do not go into the correct folder, they import into the next days folder. It appears the calculation used for the import does not take into acct regional settings.
  Using lightroom 3.4 (also seen with 3.2 and 3.3)
  Any ideas other than manually sorting all photos?
  I notice that the Canon import software correctly sorts the photos, just have to use that then synchronise in lightroom, not good but at least till adobe fix the bug it will have to do.

  Can you find out exactly how many hours  difference there is ?
  Do you have some AM/PM problem?
  Are you shure your computer is in the right time-zone?
  Daylight savings corrected ?

• I have some dts cd's that I want to import into itunes on a windows pc and then play back on my apple tv 3 (i think its 3, about 9 months old) to listen to through my onkyo amp via hdmi as dts, when I play back I just get white noise.

  I have some dts cd's that I want to import into itunes on a windows pc and then play back on my apple tv 3 (i think its 3, about 9 months old) to listen to through my onkyo amp via hdmi as dts, when I play back I just get white noise. I have seen lots of old posts which go on about converting files but am wondering wherher at the current time with the latest versions of itunes and apple tv whether this should by now be a virtual play out of the box solution.
  I have tried connecting my atv to the amp by optical cable but that didnt produce anything better and am assuming that a hdmi cable should be able to reproduce everything an optical cable does.
  Is this something I should be able to achieve without having to recode the files?
  Tracks are imported to itunes as apple lossless, have tried setting the atv audio settings to auto and 16 bit, neither works yet I was told some time ago by an apple rep that the atv shoud be able to handle any type of audio as it just passes it to the amp to decode. I am not stupid but not that technical when it comes to audio and bitrates etc so any explaination would be appreciated.
  Thanks in advance for any help

  Willy, the procdedure you describe works perfectly for AppleTV G1. In fact, I frequently play DTS music discs ripped to my iTunes library as Apple Lossless (ALAC) and synched to the ATV. What happens is that, as far as iTunes and the ATV are concerned, a conventional stereo 16/44 audio file is being played; however my reciever detects the DTS data stream, and instead of outputting static, it decodes the 5.1 channels correctly. This process parallels the way DTS discs were designed to be played back: a conventional CD player is connceted, via digital out, to a DTS-aware reciever/pre-amp and the two channels of static are recognized as 6 channels of DTS-encoded audio.
  However this process will only work if the player (CD, ATV, PC, etc.) sends a "bit-perfect" 16 bit/44.1 khz data stream to the decoding device. In the case of ATV G2 and G3, as has been discussed elsewhere, the unit resmaples all audio - including 16/44 PCM (Redbook CD)  - to 16/48. While this is not a big deal for conventional audio CDs, MP3s, and AAC files, it mangles the fragile DTS datastream and renders it undecodable. The resulting static that you hear is just like the static you would hear if you played a DTS CD on a non-DTS capable system.
  Sadly, I'm not aware of any easy way around this. You could use a program like Foobar (and the DTS plugin) to convert your DTS CDs to 6-ch .wav or .flac file. From there you could transcode the file to AC-3 and then mux it into a video container that ATV supports. You may need add a dummy video track, for iTunes/AppleTV to be ok with the file, though I'm not sure. This may be a lot of work.
  Sorry for the bad news. I wish that the iTunes/ATV ecosystem had better multi-channel audio support.
  Steven

• I have Iphoto '09, version 8.1.2 (424). I am having an identical problem.  All my pictures are imported into Iphoto when I downloaded them from my camera.  Until recently, I thought that the pictures were actually saved in the library.  Since I need to cr

  I have Iphoto '09, version 8.1.2 (424). I am having an identical problem.  All my pictures are imported into Iphoto when I downloaded them from my camera.  Until recently, I thought that the pictures were actually saved in the library.  Since I need to crop my pictures for the web, and Iphoto doesn't do that, I purchased Photoshop Elements to do that.  To my surprise, when I try to get a picture from Iphoto to Photoshop, it can't be done. That was when I realized, after wasting a lot of time, that the photos are not in the Iphoto library.
  I started naming the pictures on Iphoto so I had a recognizable file name to open on Photoshop. Couldn't find it.  I looked in the Backup folder and the Transfer software folder (I have a Nikon camera), and the names I entered in the Iphoto display, could not be found.
  When I am trying to upload a photo to the web, I get the Finder folder showing  with an active folder called "Photos" under "Media", which only displays Iphoto and PhotoBooth.  This is a folder name that I cannot find in my HD anywhere when I look for it.  If I edit a picture with Photoshop, I am not going to save it back to Iphoto (not sure whether it will work properly).  How do I get my folder of edited photos to show when I want to upload a picture to the web?
  Where (the name of the folder) do I find the pictures I see displayed on the Iphoto library, including any name changes, keywords added, and so on?

  See my response to your other post.

• Older DV Tapes Will Not Play or Import Into iMovie

  I have a lot of DV tapes shot ten years ago on a JVC camcorder that I want to import into iMovie.
  I have a new Canon Vixia hv 30 and I'm assuming these older mini DV tapes are compatible because these old tapes play fine in the camcorder itself, and also on my TV, but when I try to import them into iMovie, they do not display in the iMovie import window. However, new tapes shot recently with the new hv 30 display and import just fine.
  Is there a problem with the old tapes being incompatible in some way I'm not understanding?
  Dino1956 answered a similar problem in 2008:
  *iMovie Camcorder Import Fix*
  *Connect your camera. put it in 'play' mode (sometimes also called vcr). start up imovie (hd or 08; both work, but i use HD). go to the blue 'import' screen. it should just say 'camera connected'.*
  *Now comes the trick. don't click import, but instead put your camera in 'record' mode. you should now see whatever it is that your aiming the camera at on your computer screen.*
  *QUICKLY put your camera back in play mode. again very quickly press the 'play' button, either on the imovie import screen or on your camera. your DV tape will start to play back.*
  *-On my computer, the video now suddenly shows up in imovie! You can now click the 'import' button in imovie, and imovie will start importing the tape in realtime. This is a bit slower than the normal import method, but hey, at least you can now get your video into imovie!*
  ...but this solution doesn't work for me. I cannot "quickly" click the Play button on the camera monitor or in the iMovie window after switching from record to Play on the camera because there is a 5 second time lag on both the camera's monitor and in the iMovie window while the iMovie screen/camera monitor switches over from Record to Play.
  Is there any way I can get older DV footage into iMovie from my Vixia hv 30? My resources are at a very low ebb right now.

  I found a clue on the www.hv20 website: Old DV tapes recorded before HDV...you need to go into the hv 30 menu and select "DV" rather than "HDV", then the video shows up in the iMovie import screen and imports easily.

• How can I stop Compulations CDs from being broken up into multiple different Albums when imported into Itunes?

  I am currently using Itunes 10.6.1.7.  When I attempt to import my CDs, any that are Compulation Cds (with multiple artists), the CDs aren't being imported into the same folder and are broken into multiple listing in my Itunes library.
  How can change this so that they are imported only by Album?

  I think even using Get Info may not reveal the change, though it is possible the behaviour has altered since I last tested it. Playing or updating the tracks location in a script such as UpdateTagInfo seems to get iTunes to re-evaluate the tag.
  Assuming WMP is involved it may be best to make the necessary settings adjustments to prevent further changes, use the script to get all of the background changes exposed within iTunes, then correct as you see fit. Alternatively I do have another script called ExportImport that could be used to back up the current state of your tags (you should temporarily rename the media folder during the export phase), after which you would then run UpdateTagInfo and then use ExplortImport in its import mode to restore the corrupted data.
  tt2

• Maximum number of photos that can be imported into an iPhoto library?

  1. Does iPhoto have a maximum number of files or photos that it can handle in a single library?
  I have a lot of photos (20GB) that have not yet been imported into an iPhoto Library. I am going to set up a new library with the iPhoto Library Manager (iPLM), but am wondering if there is a maximum number of files that can be handled in a single library?
  2. Also, I don't think I want to import these, since that would create an iPhoto library as large as the source files. Are there any problems if I set up the preferences so that this library will not have the graphics imported into it?
  3. With iPLM, can you have different sets of preferences for each library?
  Thank you for any advice or suggestions.

  1. Does iPhoto have a maximum number of files or photos that it can handle in a single library?
  Apple advertises that iPhoto will handle 250,000 photos - I doubt that anyone has come close to that (or will)
  I have 19,278 in 237 events - 22 GB - on a G5 iMac and it is snappy with no issues
  I have a lot of photos (20GB) that have not yet been imported into an iPhoto Library. I am going to set up a new library with the iPhoto Library Manager (iPLM), but am wondering if there is a maximum number of files that can be handled in a single library?
  If you want those should be fine in one library
  2. Also, I don't think I want to import these, since that would create an iPhoto library as large as the source files. Are there any problems if I set up the preferences so that this library will not have the graphics imported into it?
  It is a choice - if you do NOT import them then you will be responsible for all future management - deleting, etc. Moving to a different location or computer is much more difficult if you reference your photos instead of importing them.
  Many people import them, burn the original source photos to CD or DVD and delete them from their disk letting iPhoto manage them
  3. With iPLM, can you have different sets of preferences for each library?
  I'm not sure but I do not think so
  Larry Nebel
  Message was edited by: LarryHN