LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-17-2013, 12:25 PM   #1
vignesh_murali2003
LQ Newbie
 
Registered: Jun 2013
Posts: 24

Rep: Reputation: Disabled
View crypted password in openldap


Hi when I give the below command i see
ldapsearch -x -b 'dc=example,dc=com' 'uid=user'
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: uid=user
# requesting: ALL
#

# user, People, example.com
dn: uid=user,ou=People,dc=example,dc=com
cn: user 1
uid: user
uidNumber: 1026
gidNumber: 100
objectClass: posixAccount
objectClass: shadowAccount
objectClass: person
objectClass: inetOrgPerson
gecos: user
sn: user
loginShell: /bin/bash
homeDirectory: /home/user

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
Is ther any way to see the password of that user?
 
Old 07-17-2013, 02:30 PM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,921

Rep: Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690
Quote:
Originally Posted by vignesh_murali2003 View Post
Hi when I give the below command i see
Code:
 ldapsearch -x -b   'dc=example,dc=com' 'uid=user'
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: uid=user
# requesting: ALL
#

# user, People, example.com
dn: uid=user,ou=People,dc=example,dc=com
cn: user 1
uid: user
uidNumber: 1026
gidNumber: 100
objectClass: posixAccount
objectClass: shadowAccount
objectClass: person
objectClass: inetOrgPerson
gecos: user
sn: user
loginShell: /bin/bash
homeDirectory: /home/user

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
Is ther any way to see the password of that user?
No...why would there be? The passwords are encrypted so they CAN'T be viewed.
 
Old 07-17-2013, 02:39 PM   #3
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,800
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
This is not ethical and ldap do not allow you to view user passwords. As a ldap admin, you can see password in encrypted form only and in case if you want to recover some user's password, then better reset it.
 
Old 07-17-2013, 02:49 PM   #4
vignesh_murali2003
LQ Newbie
 
Registered: Jun 2013
Posts: 24

Original Poster
Rep: Reputation: Disabled
The thing is am writing a php program for authentication of users for our database. I wanted to have ldap authorization for the database. I used annonymous bind and wanted to compare the password that the users type with that of ldap database using ldap search command. Maybe my approach is wrong?
 
Old 07-17-2013, 03:11 PM   #5
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,921

Rep: Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690
Quote:
Originally Posted by vignesh_murali2003 View Post
The thing is am writing a php program for authentication of users for our database. I wanted to have ldap authorization for the database. I used annonymous bind and wanted to compare the password that the users type with that of ldap database using ldap search command. Maybe my approach is wrong?
Yes, it is. If you're writing PHP code, use the LDAP functions to authenticate and report back on whether the bind is successful or not. Decrypting (or ATTEMPTING to decrypt) a password for that reason is poor coding at best....shady/unethical at worst.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Openldap Password Policy evocage Linux - Server 0 02-04-2012 05:31 AM
Openldap Password evocage Linux - Server 6 01-31-2012 12:51 AM
Need help on openldap password management kar_thik82 Linux - Security 1 12-12-2011 10:11 AM
OpenLDAP (2.4.23) + Password Policies FragInHell Linux - Software 2 11-14-2011 12:28 AM
Password change with OpenLDAP 2.4.11 john_es Linux - Server 2 03-13-2009 07:11 AM


All times are GMT -5. The time now is 10:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration