Must a Samba PDC use encrypted passwords?

Gerald W. Carter cartegw at Eng.Auburn.EDU
Sun Jun 7 11:37:50 GMT 1998

On Sun, 7 Jun 1998, Bernie Kirby wrote:

> 	If this option actually encrypts the passords on the fly, then
> would it not then be possible to first encrypt it unix-style, then
> check it against a normal unix passwd file, and then if that checks out,
> second, encrypt it NT style, and then use that version to do all the 'NT' 
> related things that are required?
> Assumption: Needs clear text passwords enabled on the NT machines.

Problem with this is that certain NT actions are unable to send the clear
text password ( as per protocol design ) such as machine account password
changes as well as domain logins.  In fact I think the only action that
will generate a plain text password being sent over the wire is accessing

                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at   

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )

More information about the samba-ntdom mailing list