Loading ...
Sorry, an error occurred while loading the content.

Re: SMTP authentication issue

Expand Messages
  • Helga Mayer
    ... The first 8 characters matter. This looks like a problem of the backend. Though I have never heard that openldap restricts the password to 8 characters.
    Message 1 of 3 , Sep 3, 2012
    • 0 Attachment
      On 09/03/2012 09:51 AM, Selcuk Yazar wrote:
      > Hi,
      >
      > we have weird issue on postfix smtp
      > authenticaion(postfix-openldap-dovecot).
      >
      > one user enter wrong characters after his correct password
      > authentication again.
      > i mean
      >
      > user name jhondoe
      > password 12345678
      >
      > but when user authenticate 12345678__-- authenticate again.
      >
      > but when users enter a12345678 can't authenticate
      The first 8 characters matter. This looks like a problem of the backend.
      Though I have never heard that openldap restricts the password to 8
      characters.
      To my experience solaris does.
      >
      >
      Regards
      Helga Mayer
    • Gábor Lénárt
      On Mon, Sep 03, 2012 at 10:28:06AM +0200, Helga Mayer wrote: [...] ... Is it possible that LDAP contains DES ({crypt}) encrypted password? Then only the first
      Message 2 of 3 , Sep 3, 2012
      • 0 Attachment
        On Mon, Sep 03, 2012 at 10:28:06AM +0200, Helga Mayer wrote:
        [...]
        > >user name jhondoe
        > >password 12345678
        > >
        > >but when user authenticate 12345678__-- authenticate again.
        > >
        > >but when users enter a12345678 can't authenticate
        > The first 8 characters matter. This looks like a problem of the backend.
        > Though I have never heard that openldap restricts the password to 8
        > characters.
        > To my experience solaris does.

        Is it possible that LDAP contains DES ({crypt}) encrypted password? Then
        only the first 8 characters of the password counts, AFAIK. It's the
        limitation of the choosen password hash algorithm, one should select another
        one (also recommended because of the weakness of DES nowdays). IMHO.
      Your message has been successfully submitted and would be delivered to recipients shortly.