Re: libnss-pam-ldapd: retrieve password information from an LDAP user?

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: Andrea Sighinolfi <andrea.sighinolfi [at] sitti.it>, nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: libnss-pam-ldapd: retrieve password information from an LDAP user?
Date: Wed, 31 Mar 2021 23:54:16 +0200

Hi Andrea,

On Mon, 2021-03-29 at 10:32 +0200, Andrea Sighinolfi wrote:
> I would like to know if it is possible to read the password from an
> LDAP user through the glibc function like getpwnam / getspnam. They
> work for normal local users, but they seems to not work for remote
> LDAP users.

I assume you mean the password hash as it is stored in the userPassword
attribute in LDAP. By default nslcd only returns "*" as password hash 
as a security measure (safe default) but you can enable returning the
actual hash with the following in nslcd.conf:

  map passwd userPassword userPassword

For more details see
https://arthurdejong.org/nss-pam-ldapd/nslcd.conf.5#map

Hope this helps,

-- 
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --

libnss-pam-ldapd: retrieve password information from an LDAP user?, Andrea Sighinolfi
- Re: libnss-pam-ldapd: retrieve password information from an LDAP user?, Arthur de Jong

Prev by Date: libnss-pam-ldapd: retrieve password information from an LDAP user?
Next by Date: Re: libnss-pam-ldapd: retrieve password information from an LDAP user?
Previous by thread: libnss-pam-ldapd: retrieve password information from an LDAP user?
Next by thread: Re: libnss-pam-ldapd: retrieve password information from an LDAP user?