LDAP Password Contents
419174May 14 2004 — edited May 25 2004Hi all,
So I pulled the password attributes for a given user using the dbms_ldap stored procedure.
The password for this user is "test1".
I get the following attributes:
orclpassword : {x- orcldbpwd}1.0:523BF4BAE571A153
authpassword;oid : {SASL/MD5}F3eG3peFtAs8aSCyCxCogQ==
authpassword;oid : {SASL/MD5-DN}hFbTwzN2Cv6/TRqMOPwmwQ==
authpassword;oid : {SASL/MD5-U}VlczlhpjRYLT8SWMImhZNQ==
authpassword;orclcommonpwd : {MD5}WhBei51A4TKXgNYuoiZdig==
authpassword;orclcommonpwd : {X- ORCLIFSMD5}w99/G3Ul7tx/wkWP9ugstg==
authpassword;orclcommonpwd : {X- ORCLWEBDAV}NuR48yv0ClZlDZS07JzFNg==
authpassword;orclcommonpwd : {X- ORCLLMV}E88D94D6EBD10FC7AAD3B435B51404EE
authpassword;orclcommonpwd : {X- ORCLNTV}AACD12D27C87CAC8FC0B8538AED6F058
orclactivestartdate : 20040226000000z
userpassword : {MD4}954AKsFjB4xnP6LDIeXmbw==
I then encoded the user's password using MD5 and that value did not match anything is the returned LDAP attributes?
I am using the PHP MD5 function to encode the known password.
The MD5 encoded value for "test1" with PHP is 5a105e8b9d40e1329780d62ea2265d8a
Does anyone know what is up with that and what is stored in these LDAP attrs?
I can only assume that:
1. something else is stored with the password to obscure the direct MD5 comparison.
or
2. The main OID password is encoded with MD4 - if that is the case what are all the other passwords?
Thanks for any help.
- Paul