Password sync

Jean Francois Micouleau Jean-Francois.Micouleau at
Thu Jul 20 08:40:30 GMT 2000

On Thu, 20 Jul 2000, Simo Sorce wrote:

> The problem is not only the Lm hash.
> The problem is that what goes on the network is the hash (NT hash, LM
> hash it does not matter).

No. What goes on the network is a challenge/response. The clear text
equivalent hashes are not sent directly.

> If there anyone interested, is there anyone working or knowing a method
> to replace msgina.dll (the module that do the authentication method) to
> use with samba PDC and that does not break Domain/Profiles/Permissions
> behaviours?

correct way to do it is at the lsa layer and not the gina one.

If you want stronger security go to NT2K and kerberos.

> I've tested nisgina but as my users really leaps from a machine to
> another any time It will not work very well (and I do not like much
> plain NIS as well 8] ).

nisgina doesn't work at all with roaming profiles as it creates local SID.


More information about the samba-ntdom mailing list