addition to: inappropriate checking in smbpasswd when changing passwords
el_smead at hotmail.com
Wed Apr 12 00:29:28 GMT 2000
I think that having more then one password database is not a good idea.
Especially if you don't need more then one, as in the case with un-encrypted
passwords. The idea is that from the beginning there is no second password
file, so there is never a chance for anything to get un-synced. Also
allowing a user's password to validate against either of two files is
confusing to people. I personally have at least 8 different passwords i need
to keep track of, but remember that it's people like us that set up and
maintain software like samba, but it's the type of people who use cd-rom
drives for cupholders that are the real users of what we setup. There is a
fine line of usability balanced between confusing users with software that
is too complicated and confusing users with software that isn't rigid
enough. They just don't know what to expect.
James Caccese '01
Pres: Holy Cross Computer Society
Holy Cross College
>James Caccese <jwcacces at holycross.edu> wrote:
>>hi, I just wanted to add to the last thing I sent in
>>for changing the password of a user, it is a good idea to make sure they
>>type in the correct old password.
>IMHO: In the case of the passwords possibly being out of synchronization,
> >then in many cases it should be acceptable that the old password matches
> >either host password, or the password in the smb password database. Thus
>when it >is changed, they both can be synchronized.
>-John wb8tyw at qsl.network
Get Your Private, Free Email at http://www.hotmail.com
More information about the samba-technical