[Samba] update encypted and LDAP

Andrew Bartlett abartlet at samba.org
Wed Jun 11 00:09:43 GMT 2003 

On Wed, 2003-06-11 at 02:36, John H Terpstra wrote:
> On Tue, 10 Jun 2003, Martin Sapsed wrote:
> 
> > Andrew Bartlett wrote:
> > > On Tue, 2003-06-10 at 02:13, Martin Sapsed wrote:
> > >
> > >>Hello all,
> > >>
> > >>I'm currently trying out samba-3.0alpha24 and moving to samba-3.0.0beta1
> > >>since we're getting into XP and encrypted passwords etc. I was hoping to
> > >>set everyone (about 13,000 users) up on an LDAP (openLDAP) server with
> > >>just the Unix crypt passwords for now and run with
> > >>
> > >>encrypt passwords = no
> > >>update encrypted = yes
> > >>
> > >>for a while to populate the NT/LM password hashes before going over to
> > >>encrypted passwords for everyone. (Most clients are Win 9x using plain
> > >>text passwords against NIS at the moment.)
> > >>
> > >> From what I can see and have gathered from some searching, it looks
> > >>like "update encrypted" only works with an smbpasswd file. Is this the
> > >>case?
> > >
> > > The code routines call the passdb backend, whatever that may be.
> >
> > Testing a bit further seems to suggest that
> >
> > encrypt passwords = no
> >
> > doesn't work at all if you're using
> >
> > passdb backend = ldapsam:ldap://..., guest
> >
> > in 3.0alpha24. Is this a bug or a feature? ;-)
> 
> It's a feature. 

Well if it breaks 'update encrypted' it's a bug...

It's also (not default) possible to do plaintext auth against our NT
SAM, but that's just insane, stupid and very useful for testing :-)

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030611/87681ccf/attachment.bin

More information about the samba mailing list