Question about security

Jeremy Allison jeremy at
Tue Jun 6 14:16:27 GMT 2000

> Someone within my company expressed the following view:
> > I was told that Unix servers running SAMBA can display NT passwords in
> > clear text when they provide file sharing services for NT
> > workstations.  Was a determination ever made if we allow this type of
> > system to access the enterprise NT domain controllers?
> Can someone clarify this statement?  Here is the [global] section from
> my smb.conf file if that matters at all.  I'm running 2.0.6 on both
> Solaris and HP-UX boxes.

Whoever said that doesn't understand the authentication
they depend upon in their NT network. I hope said person
is not in any position of authority w.r.t. your NT network :-) :-).

Using your smb.conf setting, no plaintext passwords will
be seen on the network, only the challenge/response pairs
(which will be seen on any NT network also).


	Jeremy Allison,
	Samba Team.

Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

