site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=jFHYSLvRb7k0mqdcJr+4CsMJ+iszhODiDSnfYnQ3eHwgzuU9pl1ByrgcoCDdyGxnppRDsZLI5Uh84Jo6PKhTFR+ovRp7nYeAdhXtcNuxFwFIZojaXm/up+6xT2393x07K+3Gv6TjZBD6ETm7rGIc65wuCbW+dr96F/w3aUVqklg= In Tiger, it looks like loginwindow's authentication is using dsAuthMethodStandard:dsAuthNodeNativeCannotUseClearText rather than dsAuthMethodStandard:dsAuthNodeNativeCanUseClearText However, the LDAPv3 plugin appears to only understand {crypt} and {SMD5} format passwords. Generally it is recommended that {SHA1} or {SSHA1} is used. The manifestation of this is that you can't log in to the GUI whilst authenticating against an LDAP server whose user accounts have passwords stored in SHA-1 hashes, but you can log in using ssh (and possibly other stuff). Have I missed something? If not, I'll file a bug :-) -- Finlay _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... This email sent to site_archiver@lists.apple.com