So, our employees use the Zimbra OpenLDAP; however, since this doesn't include PosixAccount, we can't automatically link it to our Synology.
So my boss wanted me to create an OpenLDAP database, automatically import the users from the ZimbraLDAP every 6 hours or so, and link our Synology to this new OpenLDAP, which would also be a safe environment for our interns to work with LDAP.
Before you ask, I can't change the Zimbra OpenLDAP for warranty reasons.
So everything worked splendidly, the users were imported and the Synology could finally see these users. However, the password did not work. After looking over the export files I realized that Zimbra uses SSHA512 to hash the passwords, which isn't recognized by my OpenLDAP.
However, I can't seem to find any way of installing patches for it, since apparently OpenLDAP changed its structure and all the information I found was outdated.
Does anybody know of an easy way to teach OpenLDAP SSHA512 with a recent installation?
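Added example, not part of the original question or its answers: a Python check that pulls userPassword values out of an LDIF export and verifies a password against the {SSHA512} layout, which is base64 of the SHA-512 digest of password plus salt, followed by the salt. The sample entry, the password, the salt and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import re

# Salted schemes: hash name and digest length; the salt is the bytes after the digest.
SCHEMES = {"SSHA": ("sha1", 20), "SSHA256": ("sha256", 32),
           "SSHA384": ("sha384", 48), "SSHA512": ("sha512", 64)}

def passwords_from_ldif(ldif_text):
    """Yield userPassword values, unfolding wrapped lines and decoding '::' base64."""
    unfolded = re.sub(r"\r?\n ", "", ldif_text)
    for line in unfolded.splitlines():
        m = re.match(r"(?i)userPassword(::?)\s*(.*)", line)
        if m:
            val = m.group(2)
            yield base64.b64decode(val).decode() if m.group(1) == "::" else val

def parse(value):
    """Split '{SCHEME}base64(digest + salt)' into (scheme, digest, salt)."""
    m = re.fullmatch(r"\{([A-Za-z0-9]+)\}(\S+)", value)
    if not m or m.group(1).upper() not in SCHEMES:
        raise ValueError("not a supported salted scheme: %r" % value[:12])
    scheme = m.group(1).upper()
    raw = base64.b64decode(m.group(2), validate=True)
    dlen = SCHEMES[scheme][1]
    if len(raw) <= dlen:
        raise ValueError("too short to hold a digest and a salt")
    return scheme, raw[:dlen], raw[dlen:]

def verify(value, password):
    """Recompute hash(password + salt) and compare in constant time."""
    scheme, digest, salt = parse(value)
    calc = hashlib.new(SCHEMES[scheme][0], password.encode() + salt).digest()
    return hmac.compare_digest(calc, digest)

def make_ssha512(password, salt):
    # Builds a value in the same layout; used here only to construct sample data.
    digest = hashlib.sha512(password.encode() + salt).digest()
    return "{SSHA512}" + base64.b64encode(digest + salt).decode()

# Constructed sample entry, base64-encoded and folded at 76 columns like ldapsearch output.
_line = "userPassword:: " + base64.b64encode(
    make_ssha512("correct horse", b"constsal").encode()).decode()
SAMPLE_LDIF = "dn: uid=alice,ou=people,dc=example,dc=com\n" + "\n ".join(
    [_line[:76]] + [_line[i:i + 75] for i in range(76, len(_line), 75)]) + "\n"

if __name__ == "__main__":
    for v in passwords_from_ldif(SAMPLE_LDIF):
        print(parse(v)[0], verify(v, "correct horse"), verify(v, "wrong"))
```

Run over a real export, `passwords_from_ldif` plus `parse` shows which hash schemes the importing directory has to understand before any bind can succeed.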
Best Answer
pw-sha2.so is not enabled by default on a stock installation of OpenLDAP. You would need to edit the Makefile and run make and make install from the contrib/slapd-modules/passwd/sha2 directory in your source tree.
Next you need to import the sha2 module in OpenLDAP by adding to cn=config the following ldif:
For instance in a stock Debian this is done with
Now Synology can recognize sha2 passwords.
Just for reference (I don't think you would need it), if you wish passwords changed on Synology with ldappasswd to be in SSHA-512, also add: