ldap lpPassword and ntPassword fields

Luke Kenneth Casson Leighton lkcl at switchboard.net
Tue Dec 15 19:41:51 GMT 1998

On Wed, 16 Dec 1998, Jean Francois Micouleau wrote:

> On Wed, 16 Dec 1998, Matthew Chapman wrote:
> > Yep, ok, but some people will want to point Samba at existing LDAP servers
> > somewhere else. If you recommend replicating to a local LDAP server than
> > the replication happens in the clear which isn't nice either...
> I agree. BTW, replication is more to off-load an LDAP server when reading
> entries. Because when you modify a record it's always on the main LDAP
> server.
> For people using LDAP servers only compliant to the version 2 protocol,
> the datas are transmitted in clear text form.

ok, we may be able to make some modifications to pwdb_get_hex_pwd() and
set_hex_pwd() to encrypt the password string with some privately stored
information, e.g. syskey like nt does.

More information about the samba-technical mailing list