Ask a Question related to Sun Solaris, Design and Development.
-
Huibert Kivits #1
Differences in crypt() between AIX and Solaris ?
Hi everyone,
We've managed to make an AIX 4.3.3 system an LDAP client of iPlanet
Directory Server 5.1 SP2, running on Solaris 8. Sort of. Users in the
directory can logon to the AIX client system with the password supplied by
the administrator. Setting a password in the directory works fine for our
test users.
By the way, we use LDAP Administrator for managing users and groups.
Users are able to change their password in the directory, by using the AIX
passwd-command. This is evident from the various attributes that change in
the directory.
However, the administrator cannot verify the new password with LDAP
Administrator. And after changing the password, the user cannot login
anymore! The failed login count increases everytime, so it is clear that the
new password is not accepted or understood.
- The algorithm used is definitely crypt.
- Typos can be excluded.
- For the encrypted password string, it does not make any difference wether
"crypt" is written as "CRYPT", "crypt"or "Crypt". We checked and double
checked this.
So... is there any incompatibility between the crypt algorithm as used by
AIX and the one used by Solaris/iPlanet Directory server?
Any other idea as to what may be the cause?
Thanks
Huibert Kivits Guest
-
Crypt::DH Crypt::Random install problem
The Linux Test Project (ltp http://ltp.sourceforge.net/) perl file autoltp requires Net::SSH and Net::SFTP These ultimately require Crypt::DH which... -
Des::Crypt Will not Compile On Solaris 8 Using GCC
This is the error that I get on Several Machines. bash-2.05a# perl Makefile.PL Writing Makefile for Crypt::DES bash-2.05a# make cc -c ... -
Crypt:DES make problem on Solaris 9
Hi, I'm trying to install Crypt::DES module on a Solaris9 box and have the following problem when running make: gcc -c ... -
crypt function in PHP different from Perl's crypt?
Why returns the crypt function a longer strin than Perls crypt? I need the same length (8 chars) for a password field link its used in the... -
Question: C2 Security Configuration for general Unix and Solaris/Trusted Solaris (Auditing)
While reviewing the DoD 5200.28-STD "DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA" document and looking over "Security... -
Darren J Moffat #2 Re: Differences in crypt() between AIX and Solaris ?
On Sat, 02 Aug 2003 00:31:52 +0200, Huibert Kivits wrote:
crypt(3c) may not be the same on all UNIX systems since the> - The algorithm used is definitely crypt.
> So... is there any incompatibility between the crypt algorithm as used by
> AIX and the one used by Solaris/iPlanet Directory server?
> Any other idea as to what may be the cause?
output of the function is not part of the standards that defines
the API.
Since you said that your directory server is running on Solaris 8
we can rule out the enhanced version of crypt(3c) that is in
Solaris 9 (provides plugin support for crypt(3c) and ships with
plugins to support the md5crypt() and bcrypt() often seen on
Linux and *BSD systems).
You could also do some basic testing by writing a small program
to see what AIX produces with known input to crypt(3c) and
comparing it to Solaris.
When the user changes the password is it still prefixed in
the directory with "{CRYPT}" followed by 13 chars from, the
first of which is NOT a "$" ?
Setup a user with a known inital password, do the change from
a Solaris 8 (or Solaris 9) machine. Reset the password back
to the same cleartext (and make sure that the entry in the
directory is exactly the same as before), and redo the test
with AIX - is the output the same ?
--
Darren J Moffat
Darren J Moffat Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
