ldap lpPassword and ntPassword fields
Jean Francois Micouleau
Jean-Francois.Micouleau at dalalu.fr
Tue Dec 15 18:49:20 GMT 1998
On Wed, 16 Dec 1998, Matthew Chapman wrote:
> Yep, ok, but some people will want to point Samba at existing LDAP servers
> somewhere else. If you recommend replicating to a local LDAP server than
> the replication happens in the clear which isn't nice either...
I agree. BTW, replication is more to off-load an LDAP server when reading
entries. Because when you modify a record it's always on the main LDAP
server.
For people using LDAP servers only compliant to the version 2 protocol,
the datas are transmitted in clear text form.
LDAP protocol version 3 include some crypting solutions based on SSL/TLS
IIRC.
> Seeing many people are happy with registry hacks to enable
> totally cleartext passwords (not even hashes), I don't think this is such
> a big issue. But it's certainly something I would like to look into
> improving at some point.
Yep.
More information about the samba-technical
mailing list