[samba-tng] sam tdb password verification problem

Luke Kenneth Casson Leighton lkcl at samba.org
Tue Feb 1 08:00:00 GMT 2000

ok.  how do i test passwords????

it's all through the samr API.

i have a function to _set_ passwords.  3, in fact.  1 for users, 2 for

i'm stuffed.

all the password get samr apis specifically _don't_ return the password.

with the private/smbpasswd api, you call get_smbpwd_entry() in netlogond,
and you're happy.  right?

well, i don't _have_ a get_smbpwd_entry() for use in netlogond!

i was thinking of combining netlogond and samrd like how microsoft do

i think i might have to add either a special info level to the samr
password API to get the password hashes, or a special "private" function
to samr to _check_ the 8-chal/var-resps, _or_ use the tdb password code in
netlogond once it's written.

none of which are particularly appealing.  a "private" function is, if i
tink about it, out of the question, that's netlogond's job to deal with
chal/response generation/checking, which leaves a special info level or
tdb access code.

a special info level is better as it makes netlogond more generic
[independent of the underlying password database api code, tdb, ldap or

this is awkward!


More information about the samba-technical mailing list