Move from unicodePwd to userPassword?
Luke Howard
lukeh at padl.com
Fri Dec 30 21:58:44 GMT 2005
>> Also, you might want to use an attribute other than userPassword if you
>> eventually want to support RFC 2307 (s. 5.3).
>
>Yes, I had meant to frame that as part of the question: Is there a
>good, standard attribute name I should consider for this?
For the cleartext password? None I can think of (except for userPassword,
of course).
If LDAP clients will never see the attribute it doesn't really matter.
You could even just use an OID. Or make it a Kerberos keytype and put
it in krb5Key. The latter is a little more akin to AD, which uses the
supplementalCredentials attribute to store a set of credentials tagged
by security package.
cheers,
-- luke
--
More information about the samba-technical
mailing list