Hello everyone,
this is my first message here, and as you could have guessed I have an issue.
I’m using Nextcloud 13.0.3 on Alpine Linux 3.7, and it works great except for one thing :
changing password within my LDAP.
My OpenLDAP server is hosted on a Debian Jessie machine, slapd version is 2.4.40, and I also use phpLDAPadmin version 1.2.2 to manage it.
For the background, I followed this tuto in order to make my LDAP running, and it works smoothly with the LDAP/AD nextcloud app.
Troubles came when I activated the password change: users can change their own passwords, but by default it’s stored in plain text in the LDAP. The nextcloud admin manual indeed advises to configure the ppolicy_hash_cleartext directive of the overlay.
Being underskilled in LDAP, I followed this tutorial. But I cannot activate the ppolicy module: I stumble on a
adding new entry "cn=module{0},cn=config"
ldap_add: Naming violation (64)
when I run the command ldapmodify -D "cn=admin,cn=config" -W -a -f ppolicymodule.ldif .
How can I implement the recommendations of the manual, i.e. activate hashing by default?
I know it might not be the best place to ask this question, as it is more related to the LDAP configuration. However, I hope someone had the same problem but sorted it out!
Thank you in advance,
a sysadmin who would like to store passwords securely
ps: I voluntarily didn’t put tons of config, not to flood the post, but please feel free to ask.