Two diffs to add paramater self-checking
Gerald Carter
jerry at samba.org
Fri Jul 26 07:53:01 GMT 2002
On Fri, 26 Jul 2002, David Collier-Brown wrote:
> Gerald Carter wrote:
> >
> > On Sun, 21 Jul 2002, Andrew Bartlett wrote:
> >
> > > To restate: "unix password sync = yes" and "encrypt passwords = no" is
> > > a valid combination.
> >
> > OK. I'll bite. This might for for NT clients, but it won't for win9x
> > right. Since we have upper cased passwords, there's no way of knowing
> > what the user intended the password to be (for the old and new passwords).
> > You could brute force the old password against the local hash in
> > /etc/passwd but this seems like such a waste.
>
> How about wording such as:
> Warning: NT client machines will be able to update
> both Unix and Windows passwords, but Windows 95/98/ME
> machines will not be able to keep the two in sync
> unless they have the "EnablePlainTextPassword"
> flag set in their registry.
> Or does the uppercasing behavior make it even eviler? (;-))
Think about this for a second. If i send you the password
"SECRET", how dfo you know that I intended the original
string to be 'sEcrEt' ?
cheers, jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba-technical
mailing list