LDAP: Administrator/Groups/RID
Matt Chapman
m.chapman at student.unsw.edu.au
Sun Jan 17 13:57:38 GMT 1999
Luke Kenneth Casson Leighton wrote:
> > lmpassword: 14875687C26E8C2990004151ADA7B438
> > ntpassword: E735EDF15BD6D35F6187C8DEC377D561
>
> remember that you have now sent everyone your nt and lm
> cleartext-equivalent passwords, please change them immediately.
Then again, many people send their smbpasswd files to this list, and that
contains much more of the same.
> matt, we *have* to do something about this.
Yep, that much I agree with :-)
Although newer servers do support some cool stuff I think we have very little
chance of doing any sort of passthrough CIFS authentication against a dumb LDAP
server; so we will still need to obtain the cleartext-equivalent hashes at the
Samba server to generate challenge responses there.
At the moment my best suggestion is to use an encrypting LDAP server or SSL.
Better solutions always welcome :-)
Matt
--
Matt Chapman
m.chapman at student.unsw.edu.au
More information about the samba-technical
mailing list