AnsweredAssumed Answered

CA Directory password migration issue - SSHA with 128 bits SALT

Question asked by DavidForget on Jan 26, 2018
Latest reply on Jan 31, 2018 by Hitesh_Patel

Hello,

 

This is regarding CA Directory version 12.5.0 Build 12858.

 

We are migrating our current LDAP infrastructure to CA Directory and are experiencing issues migrating users with a hashed password using SSHA-1 with 128 bits.

 

Migrated user accounts with a hashed password using SSHA-512 with 64 bits SALT or SSHA-1 with 64 bits SALT are able to bind successfully to the CA Directory LDAP.

 

However, migrated user accounts with hashed password using SSHA-1 with 128 bits SALT are unable to bind and get "LDAP error code 49 -Invalid Credentials". It seems like CA Directory LDAP is not compatible with SSHA-1 passwords using SALT longer than 64 bits.

 

Can you confirm if CA Directory version 12.5.0 Build 12858 has a limitation with a SSHA-1 password with SALT longer than 64 bits?

 

Thanks for your help,

 

David

Outcomes