Getting PBKDF2_SHA256 error messages in FIPS mode.
Issue
User is unable to connect and the LDAP errors log contains error message related to the PBKDF2_SHA256 password storage scheme.
For instance:
$ grep "ERR - PBKDF2_SHA256" /var/log/dirsrv/slapd-<INSTANCE_NAME>/errors | tail -4
[27/Sep/2021:19:44:54.852334019 +0000] - ERR - PBKDF2_SHA256 - Unable to extract hash output.
[27/Sep/2021:19:44:54.855354085 +0000] - ERR - PBKDF2_SHA256 - Unable to hash userpwd value
[27/Sep/2021:19:44:57.628779019 +0000] - ERR - PBKDF2_SHA256 - Unable to extract hash output.
[27/Sep/2021:19:44:57.631652807 +0000] - ERR - PBKDF2_SHA256 - Unable to hash userpwd value
$
Environment
Red Hat Enterprise Linux 8
Red Hat Directory Server 11
Identity Management - IPA 4.8.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.