10 Jul
2016
10 Jul
'16
1:37 p.m.
You sure you're not returning multiple password attributes from LDAP?
Aki
pass_attrs = 'mail=user, userPlaintextPassword=password_noscheme, =proxy=y, =pass=%{ldap:userPlaintextPassword}, =host=%{ldap:mailstoreHost}'
I am returning the same password attribute into different fields : password_noscheme - to auth the user pass = to send plaintext password to backend
This is the only workable solution I could muster to terminate encrypted passwords on the proxy layer.