Must a Samba PDC use encrypted passwords?

Andy Smith abs at
Tue Jun 9 18:50:50 GMT 1998

On Wed, Jun 10, 1998 at 02:07:13AM +1000, Gerald W. Carter wrote:
> On Tue, 9 Jun 1998, CAE Samba Admin wrote:
> > 
> > > a new option has been added: "update encrypted".  run with this for a
> > > week; then move over to "encrypt passwords".
> > 
> > 	Just to clarify this in my mind...  If I have "update encrypted" I
> > have to have "encrypt passwords" off, which effectively breaks PDC
> > functionality, right?
> > 
> Yup.  Just a thought.  Has anyone tried using this with "password server"
> option as a way to get accounts froman NT PDC as a migration strategy?

I am migrating UNIX NIS users to NT at a rate of about 5 per week for
the next 3 months, I could really do with a strategy to automate it.
I've read as much as I can find, but I still cant see how to use this
in my particular situation  :-

I have a samba PDC (security = user) several samba domain clients
(security = domain) and an armful of NT4/sp3 desktops.  If I set
encryption = no and 'update encrypted' on the PDC, I have to visit
every existing NT4 desktop to tweak the registry to use cleartext, or
all the current users (71 so far) will fail to log in wont they?  I
already assumed that I missed that boat.

So, have I misinterpreted 'migration' completely, and you mean migrating
existing samba users? (all my samba users are first timers)  Or have I
missed something that allows me to have the samba domain clients
culling hashes?

  _          __         Maunsell Ltd, IT Unit    Tel  : 0181-663-6565
 /_|   _/   (  _  '_//  160 Croydon Road,        Fax  : 0181-663-6723
(  |/)(/(/ __)//)/ //)  Beckenham, Kent BR3 4DE  Email: abs at
        /               England.                 -or- abs at

More information about the samba-ntdom mailing list