addition to: inappropriate checking in smbpasswd when
changing passwords
James Caccese
jwcacces at holycross.edu
Tue Apr 11 02:30:32 GMT 2000
hi, I just wanted to add to the last thing I sent in
for changing the password of a user, it is a good idea to make sure they type in the correct old password. Since we get the old password from the client, we can change the uid to that user, and run passwd as them. then we must send passwd the old password. Or, another option is making the passwd command be:
su -c /usr/bin/passwd %u
this would run passwd as the user %u (on redhat 6.1)
the password chat would have to be changed accordingly
I believe that fixing the password change procedure to remove checking smbpasswd will help fix a whole bunch of problems people have been having with passwords
(both my messages pretain to unencrypted passwords)
-james
James Caccese '01
Pres: Holy Cross Computer Society
Holy Cross College
Worcester, Ma
More information about the samba-technical
mailing list