LDAP: Administrator/Groups/RID

Luke Kenneth Casson Leighton lkcl at switchboard.net
Sun Jan 17 17:52:24 GMT 1999

On Sun, 17 Jan 1999, Matt Chapman wrote:

> Then again, many people send their smbpasswd files to this list, and that
> contains much more of the same.

smb.conf files, yes: smbpasswd no.  oh, you mean to samba at samba.org (which
i'm not on)?
> > matt, we *have* to do something about this.
> Yep, that much I agree with :-)
> Although newer servers do support some cool stuff I think we have very little
> chance of doing any sort of passthrough CIFS authentication against a dumb LDAP
> server; so we will still need to obtain the cleartext-equivalent hashes at the
> Samba server to generate challenge responses there.

you're talking about, effectively, merging a DCE/RPC interface that
accepts NETLOGON NetrSamLogon requests onto an LDAP server, making the
LDAP server the PDC.
> At the moment my best suggestion is to use an encrypting LDAP server or SSL.

can you put SSL hooks into your ldap code easily?

More information about the samba-technical mailing list