The Password Editor is automatically invoked when the user double-clicks on the userPassword attribute or any other attribute that uses an ldapSyntax OID of 1.3.6.1.4.1.1466.115.121.1.40. It supports the defined password encoding methods (PLAIN, {MD5}, {SMD5}, {SHA}, {SSHA}) but not {CRYPT} since this can be OS specific.
Note: In addition to the above LDAPviewer provides an extended schema file (.schemax) which allows the user to define attributes whose values will be masked. These attributes also invoke the Password Editor.
The Password Editor Window is shown below (the attribute name being edited is always shown in the Window title bar):
If the attribute being edited contains a value it is displayed in the line Enter Password: otherwise this line will be empty.
If the password uses one of the standard password encoding methods then the line will contain a keyword indicating the encryption format, for example {MD5} followed by gobbledegook (technically a string of base 64 encoded characters) and the drop-down menu at the bottom will indicate the encoding method.
If the password is in Plain text it may be edited directly in the Enter Password: line. If using an encryption method the entire Enter Password line should be deleted and the new password entered (in plain text).
In all cases it is necessary to re-enter the same password in the Re-enter Password: line.
Any required encoding method should be selected from the drop down menu as shown:
Clicking this button will validate that values of Enter Password: and Re-enter Password: are both present and identical (case sensitive). If the Re-enter Password: is empty:
If the Enter Password: and Re-enter Password: fields are not identical (case sensitive):
If the Unknown or CRYPT method is selected the following error message will appear:
If all the above tests are passed the current value in the Enter Password: line (encypted as appropriate) will be saved to the attribute and the Password Editor Window will be closed. If there is no value(both the Enter Password: and the Re-enter Password: lines are empty) then an empty attribute will result which will cause it to be deleted when the entry is updated.
Note: While it may appear counter-intuitive most passwords fields, including userPassword, are multi-valued.
Unconditionally closes the editor window without saving any user changes. The attribute field is unchanged.
Displays this page.
© LV Project 2016. Creative Commons Attribution 4.0 International License.