I’ve been trying to figure out how to change the hashing method of openldap from SHA to something more secure (specifically SHA2). After spending hours trying to custom compile it with a special overlay I found out how to use the unix crypt command. Of course, the instructions were for slapd.conf, not for olc.
It’s pretty straightforward, just add the following 2 lines to
This will of course break all of your passwords, so be careful.