Password sync
Jean Francois Micouleau
Jean-Francois.Micouleau at dalalu.fr
Thu Jul 20 08:40:30 GMT 2000
On Thu, 20 Jul 2000, Simo Sorce wrote:
> The problem is not only the Lm hash.
> The problem is that what goes on the network is the hash (NT hash, LM
> hash it does not matter).
No. What goes on the network is a challenge/response. The clear text
equivalent hashes are not sent directly.
> If there anyone interested, is there anyone working or knowing a method
> to replace msgina.dll (the module that do the authentication method) to
> use with samba PDC and that does not break Domain/Profiles/Permissions
> behaviours?
correct way to do it is at the lsa layer and not the gina one.
If you want stronger security go to NT2K and kerberos.
> I've tested nisgina but as my users really leaps from a machine to
> another any time It will not work very well (and I do not like much
> plain NIS as well 8] ).
nisgina doesn't work at all with roaming profiles as it creates local SID.
J.F.
More information about the samba-ntdom
mailing list