ldap lpPassword and ntPassword fields
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Tue Dec 15 19:41:51 GMT 1998
On Wed, 16 Dec 1998, Jean Francois Micouleau wrote:
>
>
> On Wed, 16 Dec 1998, Matthew Chapman wrote:
>
> > Yep, ok, but some people will want to point Samba at existing LDAP servers
> > somewhere else. If you recommend replicating to a local LDAP server than
> > the replication happens in the clear which isn't nice either...
>
> I agree. BTW, replication is more to off-load an LDAP server when reading
> entries. Because when you modify a record it's always on the main LDAP
> server.
>
> For people using LDAP servers only compliant to the version 2 protocol,
> the datas are transmitted in clear text form.
ok, we may be able to make some modifications to pwdb_get_hex_pwd() and
set_hex_pwd() to encrypt the password string with some privately stored
information, e.g. syskey like nt does.
More information about the samba-technical
mailing list