Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Anonymous_User Absent Member.
Absent Member.
384 views

LDAP binding against 3DES hashed Universal password


I'm using UnboundID as the API to connect to an eDirectory LDAP server
for user authentication. I have been told the user password are hashed
in 3DES under Universal Password. Now, when I bind against the eDir
LDAP server, do I supply the plain text password or the actual 3DES
hashed value?


--
CrippledE39
------------------------------------------------------------------------
CrippledE39's Profile: https://forums.netiq.com/member.php?userid=5489
View this thread: https://forums.netiq.com/showthread.php?t=48213

Labels (1)
0 Likes
1 Reply
Anonymous_User Absent Member.
Absent Member.

Re: LDAP binding against 3DES hashed Universal password

3DES is not a hash... it is a reversible encryption algorithm.

Anytime you bind to check against NDS Password or (in your case) Universal
Password (UP) you should send the cleartext value of the password since
that is what LDAP expects for a simple bind per RFC. You have no way of
knowing what the encrypted (not hashed) value of the password is since
your application that is not eDirectory does not have all of the keys to
encrypt the value in the first place.

Good luck.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.