-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 14 Jun 2016, Leon Kyneur wrote:
For each user Store supported password schemes as LDAP attributes: userPasswordCRAM-MD5: {CRAM-MD5}xxx userPasswordDIGEST-MD5: {DIGEST-MD5}xxxx userPasswordSCRAM: {SCRAM-SHA-1}xxxx userPasswordNTLM: {NTLM}xxxx
then: =password=%{ldap:userPassword%m} <- Though this doesn't work.. just wondering if it could possibly work or if I should give up on this crazy idea :)
did you've tried:
userPassword%m=password
but I assume that these scripts are pulled in before %m is known.
You could try to add one *auth* entry per mechanism and per person:
mechanism=CRAM-MD5,uid=user,...
and user mechanism=%m in the filter
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBV2PPEHz1H7kL/d9rAQKxpwf+OOBqCUMT8pMuh6k9g/st2jojEigJIPue deo2QDfhYnAf5qz7IlCT0DjE3JuCktMAsZX2jtDe2Y0/wHgclKg+graS70aitMjV 5uttJM9llUuVtd1NFV3Qk/w/RqBtrksWozfmkcAlJVrtgQjnOqwHpgP08ZFfbujP 60caUCqYFRMppP4+usrrQML/Bkg4/RMHzpt4qH2h2XlJNdk/cfYLyrZbXfeS5t0/ PWs3MugDV91v9M+6kh11FALAN/xhZHZPaCSadh7EYwyWC6cjZWYcz2dqqwnl4PWZ i0BdYHmAFy9cjiiPuQwGt8p3tg7LUcRtaqLG56aqy/lzgiCka9fFfw== =1PlI -----END PGP SIGNATURE-----