Samba as PDC - unix/windows passwords

Simo Sorce simo.sorce at
Thu Jul 6 15:45:22 GMT 2000

J.L.Gilmour at wrote:
> Simo wrote:
> > If you have no problems to have clear text password floating on your
> > lan, than after SP3 you have to change a registry in NT 4 to let him
> > accept plain text password again.
> In this case the password's are already going unencrypted across the network
> between Unix boxes.
> > Doing this you may set encrypt passwords to no and unix password sync to
> > yes
> Yes, but once you set 'encrypt passwords' to no, the Samba server can't
> be a PDC.

Yes this may be.
Here I solved the problem by not permitting user to change their
password through windows or standard unix tools. Instead I have set up
an HTTPS server and I'm using PHP plus some setuid root executables to
update both nis and samba password databases.
Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at 02 2399 2425 - 02 2399 2451
Be happy, use Linux!

More information about the samba-ntdom mailing list