[PATCH] Password history support

Aurélien Degrémont aurelien.degremont at idealx.org
Wed Dec 24 09:43:49 GMT 2003


Could you give me some feedback about this ? In order to correct it, 
enhance it. I want to finish the missing backend support, but, before 
that, i'd like to be sure the two first ones are ok, to avoid the same 



Aurélien Degrémont wrote:

> Hi,
> Here is a patch which implements password history support to Samba 3.
> It add a new field pw_history[] to SAM_ACCOUNT struct. I think it's 
> the last missing and needed SAM_ACCOUNT field. This patch complete the 
> previous TDBSAM patch in order to create the new tdbsam format.
> The user password history is stored in each sam_account struct. Each 
> password is coded in a "salted" format. It is done by the following 
> method : MD5( MD4_NT_PW_HASH + "salt") for security reasons. The 
> transformation is done by crypt_salted(), I put it util_pw.c (I didn't 
> know where put it, so it set it there, i let you move it if you know a 
> better place).
> I modified all the password modification code in Samba to add the 
> password history call, maybe i miss some of it, please complete (the 
> samba password managing code is far from clear and it is ... scattered 
> :)).
> Presently, only ldapsam and tdbsam are supported. SambaSamAccount got 
> a new attribute.
> Waiting for your comments.
> Aurélien Degrémont

More information about the samba-technical mailing list