Password Ldap syncing

Petr Spacek pspacek at
Thu Mar 21 04:10:09 EDT 2013

On 20.3.2013 15:02, sergio.conrad at wrote:
> Hello,
> I have a problem with password encryption
> There is at my work have an already in production ldap directory. The userPassword is
> encrypted in {SSHA}. I am not planning to introduce some modifications into this
> directory, but need the password to create Kerberos Principal.
> Is there a possibility to achieve this goal ?

IMHO you are trying to do tight integration between LDAP and Kerberos in very 
similar way as FreeIPA project does.

The web site of the project:

The web page is not very friendly, but the community *is*:

Also, it is possible to "hack" FreeIPA to enable LDAP<->Kerberos<->Samba 
password synchronization.

Ask FreeIPA users list for details :-) and have a nice day.

Petr^2 Spacek

More information about the Kerberos mailing list