Must a Samba PDC use encrypted passwords?

Gerald Carter cartegw at Eng.Auburn.EDU
Mon Jun 8 18:37:16 GMT 1998

William Stuart wrote:
> Can one of the FAQ maintainers start a password change matrix of what
> works vs. what dosen't work vs. what password database vs. whether 
> NT/95 vs. can/cannot change UNIX password.

The confusion is that people are talking about different things.  See
comments below.

> This whole thing is getting out of hand.  Searching the archvies is
> becoming difficult, because it take a lot of work to make sure you are 
> on the right page.  For instance, I was under the impression that NT 
> machines were changing passwords on SAMBA PDC's from message 0704 in 
> the samba-ntdom list (search on "happily").  It appears this is not 
> the case because of a message today from Jeremy saying it was on his 
> list to add it.

Machines are "happily" changing their password.  Not users.  Too my
knowledge, changing your password on a Samba PDC from an NT client
machine has never been supported nor advertised as working.  The problem
is in the encryption method ( NTLMSSP ? )

Windows 95 clients are able to change their password ( assuming the
server supports the ALLOW_CHANGE_PASSWORD code ) via the control panel. 
The unix password is changed as well ( see the "unix password sync"
option ).

Luke, could you comment on what has been checked in and works as far as
alternative password databases is concerned?  Is anything other than
private/smbpasswd supposed to work with samba acting as a PDC yet?

Corrections welcome as always,
                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at   

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )

More information about the samba-ntdom mailing list