From the docs I got this config that works but uses a salt:
password-hash {CRYPT} password-crypt-salt-format "$6$%.16s"
and I need to store passwords in the LDAP directory that have been generated without salt encryption.
You had better use another password storage scheme that does not do salting, like {SHA} or {MD5}, instead of {CRYPT}:
password-hash {SHA}
If using {CRYPT} is a requirement:
You can still provide a static salt (! bad, insecure, nearly as if no salt !), just comply with the given format:
password-crypt-salt-format "$6$%.16s"
$6$ is the crypt identifier for the SHA512 schema, and we provide a 16-character-long salt:
~$ mkpasswd -m sha-512 --salt 'verybadseasoning' secret1
$6$verybadseasoning$Q2kceqwB2uYT2tU./QF.qRCIWjMQdObEAZ71Ni5Ko1zJOnxUwpu3oMeyjtgiR3hSVHIT20Ay9V1.pXaNhkHYk/
~$ mkpasswd -m sha-512 --salt 'verybadseasoning' secret2
$6$verybadseasoning$SHof1u2BCPJhYoVOk.LkWax7n5g28rzMkNCRAC5NmlT29GSeWLAlv2AoSkOS4rYfMUXsmTcyIxKDUU8aL7TlP0
Note that mkpasswd won't allow using an empty salt:
~$ mkpasswd -m sha-512 --salt '' secret
Wrong salt length: 0 bytes when 8 <= n <= 16 expected.
Or you can try to make crypt ignore the given/generated salt string whatever it is (by taking zero characters from it):
password-crypt-salt-format "$6$%.0s"
It tells crypt() to use a SHA512 algorithm, the %s being substituted with a string of zero characters of salt (%.0s). I can't tell if slapd makes the %s conversion mandatory or not, but setting just "$6$" without any substitution for salting may do the trick as it means the same (no salt), i.e.:
~$ php -r 'print(crypt("secret", "$6$"));'
$6$$2M9DchxW4txWyTYoZrH9D3VvAAQxBpEezYsLY6Cao.jwzEXpyL9xwip9hiUZX7GqTqe/E/z6iKvZqXUuqniQH.
See slapd.conf(5)
Note that a lack of salt exposes your system to dictionary attacks.
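An added example, not part of the original answer and not OpenLDAP code: a small audit that reads userPassword values and flags the storage weaknesses discussed above (an unsalted scheme, an empty crypt salt, or one crypt salt shared by several entries). The DNs, the function names and the last sample value are assumptions made for the illustration; the first three {CRYPT} values are the hashes printed in the answer.

```python
import base64
import hashlib
from collections import Counter

UNSALTED = ("{SHA}", "{MD5}")  # slapd schemes that store a bare digest

def ldap_sha(password):
    """Build a {SHA} value: base64 of the raw SHA-1 digest, no salt."""
    digest = hashlib.sha1(password.encode()).digest()
    return "{SHA}" + base64.b64encode(digest).decode()

def crypt_salt(value):
    """Salt field of a '{CRYPT}$id$salt$hash' value; None for other formats."""
    if not value.upper().startswith("{CRYPT}$"):
        return None
    parts = value[len("{CRYPT}"):].split("$")  # ['', id, salt, hash]
    if len(parts) == 5 and parts[2].startswith("rounds="):
        parts.pop(2)  # optional SHA-crypt rounds field precedes the salt
    return parts[2] if len(parts) == 4 else None

def audit(entries):
    """Map each DN to findings about how its userPassword is stored."""
    salts = {dn: crypt_salt(value) for dn, value in entries.items()}
    reuse = Counter(s for s in salts.values() if s)
    findings = {}
    for dn, value in entries.items():
        notes = []
        if value.upper().startswith(UNSALTED):
            notes.append("unsalted scheme")
        if salts[dn] == "":
            notes.append("empty crypt salt")
        elif salts[dn] and reuse[salts[dn]] > 1:
            notes.append("crypt salt shared by %d entries" % reuse[salts[dn]])
        findings[dn] = notes
    return findings

# Constructed directory: the DNs and the last value are made up; the first
# three {CRYPT} values are the hashes shown in the answer above.
SAMPLE = {
    "uid=u1,dc=example,dc=org": "{CRYPT}$6$verybadseasoning$Q2kceqwB2uYT2tU./QF.qRCIWjMQdObEAZ71Ni5Ko1zJOnxUwpu3oMeyjtgiR3hSVHIT20Ay9V1.pXaNhkHYk/",
    "uid=u2,dc=example,dc=org": "{CRYPT}$6$verybadseasoning$SHof1u2BCPJhYoVOk.LkWax7n5g28rzMkNCRAC5NmlT29GSeWLAlv2AoSkOS4rYfMUXsmTcyIxKDUU8aL7TlP0",
    "uid=u3,dc=example,dc=org": "{CRYPT}$6$$2M9DchxW4txWyTYoZrH9D3VvAAQxBpEezYsLY6Cao.jwzEXpyL9xwip9hiUZX7GqTqe/E/z6iKvZqXUuqniQH.",
    "uid=u4,dc=example,dc=org": ldap_sha("secret"),
    "uid=u5,dc=example,dc=org": "{CRYPT}$6$rounds=5000$ConstructedSalt1$" + "x" * 86,
}

if __name__ == "__main__":
    for dn, notes in audit(SAMPLE).items():
        print(dn, "->", ", ".join(notes) or "ok")
```

Entries whose findings list is empty use a per-entry salt; every flagged entry produces the same stored value for the same password, which is what makes precomputed dictionaries effective against it.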