A crypted password, in the traditional unix sense, should be 13 characters long, and already in a base-64ish representation. It appeared to me, after reading a couple of incomplete sites documenting how this works in LDAP, is that since the password field is binary, it is always base64 encoded. This can be read as base64 encoding a string that is already base64 encoded.
I have since questioned the data I based my conclusion on, and all I can say at this point is... "I don't know" :)
| [reply] [Watch: Dir/Any] |
4) Any dn or rdn that contains characters other than those
defined as "SAFE-UTF8-CHAR", or begins with a character other
than those defined as "SAFE-INIT-UTF8-CHAR", above, MUST be
base-64 encoded. Other values MAY be base-64 encoded. Any
value that contains characters other than those defined as
"SAFE-CHAR", or begins with a character other than those
defined as "SAFE-INIT-CHAR", above, MUST be base-64 encoded.
Other values MAY be base-64 encoded.
So since we have {crypt} the{ triggers the base64 encoding if you slapcat the Directory data out into LDIF. it has nothing to do with whom or what added the {crypt} data to the directory in the first place.
Walking the road to enlightenment... I found a penguin and a camel on the way.....
Fancy a yourname@perl.me.uk? Just ask!!!
| [reply] [Watch: Dir/Any] |