Bug ID 1112999
Summary User Password Not getting Stored in MD5 Hash
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.0
Hardware i386
OS All
Status NEW
Severity Major
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter cp@smart.org.in
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Created attachment 786940 [details]
This document contains the screen grabs of the Issue we have observed.

Hi
We were trying to implement Directory service for the Desktop login. We have
Opensuse Leap 15 Implemented. We have installed and configured the 389-DS
Server. 
There are several issues we encountered out of them one of the biggest was
Creating users through Yast and setting the password for the users.

By Default the Users created in 389-ds the password is encrypted in SHA256
which is not supported by the Default by clients ( Opensuse Dektop Login). 

By Default the opensuse client ( Dektop login ) uses md5 hash. Until and unless
the password are not stored in MD5 the users are not able to authenticate.

We hd to use a third party tool LDAPADMIN to reset the password in md5 to make
the client login work.

We also tried setting up the encryption in user management to md5 still the
passwords were stored in SHA256. 
You are requested to refer the docx file we have attached to see our
observation.

Please let us know how we can
1> Change the Encryption used in client ( Desktop Login to SHA256)
2> Change the Encryption as used in 389-ds to store password.

You are receiving this mail because: