addition to: inappropriate checking in smbpasswd when changing passwords
James Caccese
el_smead at hotmail.com
Wed Apr 12 00:29:28 GMT 2000
I think that having more then one password database is not a good idea.
Especially if you don't need more then one, as in the case with un-encrypted
passwords. The idea is that from the beginning there is no second password
file, so there is never a chance for anything to get un-synced. Also
allowing a user's password to validate against either of two files is
confusing to people. I personally have at least 8 different passwords i need
to keep track of, but remember that it's people like us that set up and
maintain software like samba, but it's the type of people who use cd-rom
drives for cupholders that are the real users of what we setup. There is a
fine line of usability balanced between confusing users with software that
is too complicated and confusing users with software that isn't rigid
enough. They just don't know what to expect.
-james
James Caccese '01
Pres: Holy Cross Computer Society
Holy Cross College
Worcester, Ma
>James Caccese <jwcacces at holycross.edu> wrote:
>
>
>>hi, I just wanted to add to the last thing I sent in
>>
>>for changing the password of a user, it is a good idea to make sure they
>>type in the correct old password.
>
>
>IMHO: In the case of the passwords possibly being out of synchronization,
> >then in many cases it should be acceptable that the old password matches
> >either host password, or the password in the smb password database. Thus
>when it >is changed, they both can be synchronized.
>
>
>-John wb8tyw at qsl.network
>
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
More information about the samba-technical
mailing list