Details
-
Bug
-
Resolution: Fixed
-
Low
-
2.5.2, 2.6.2
-
None
-
Windows Standalone,
Description
When using the User Import (CSV importer), if we set [Are your passwords encrypted = 'yes'] and import users with MD5 encrypted password, the password will be encrypted again when it gets imported to the external directory.
I have tried this feature with Crowd v 2.5.2 and 2.6.2. The external directory in use is ApacheDS and I have set the directory configuration of Apache DS to use MD5.
Repro steps
- Create an ldap connector (e.g. ApacheDS with MD5 password encoding for ease of testing)
- Import users from CSV, ticking the "passwords are already encrypted" radio box
Observed
In LDAP directory, the saved value is MD5 hashed again
Expected
It should be stored the same as it was in the CSV file