[PATCH] Password history support

Aurélien Degrémont aurelien.degremont at idealx.org
Wed Dec 24 09:43:49 GMT 2003


Hi,

Could you give me some feedback about this ? In order to correct it, 
enhance it. I want to finish the missing backend support, but, before 
that, i'd like to be sure the two first ones are ok, to avoid the same 
mistakes.

Thanks,

Aurélien


Aurélien Degrémont wrote:

> Hi,
>
> Here is a patch which implements password history support to Samba 3.
>
> It add a new field pw_history[] to SAM_ACCOUNT struct. I think it's 
> the last missing and needed SAM_ACCOUNT field. This patch complete the 
> previous TDBSAM patch in order to create the new tdbsam format.
>
> The user password history is stored in each sam_account struct. Each 
> password is coded in a "salted" format. It is done by the following 
> method : MD5( MD4_NT_PW_HASH + "salt") for security reasons. The 
> transformation is done by crypt_salted(), I put it util_pw.c (I didn't 
> know where put it, so it set it there, i let you move it if you know a 
> better place).
> I modified all the password modification code in Samba to add the 
> password history call, maybe i miss some of it, please complete (the 
> samba password managing code is far from clear and it is ... scattered 
> :)).
>
> Presently, only ldapsam and tdbsam are supported. SambaSamAccount got 
> a new attribute.
>
> Waiting for your comments.
>
> Aurélien Degrémont





More information about the samba-technical mailing list