[PATCH] Password history support
aurelien.degremont at idealx.org
Wed Dec 24 09:43:49 GMT 2003
Could you give me some feedback about this ? In order to correct it,
enhance it. I want to finish the missing backend support, but, before
that, i'd like to be sure the two first ones are ok, to avoid the same
Aurélien Degrémont wrote:
> Here is a patch which implements password history support to Samba 3.
> It add a new field pw_history to SAM_ACCOUNT struct. I think it's
> the last missing and needed SAM_ACCOUNT field. This patch complete the
> previous TDBSAM patch in order to create the new tdbsam format.
> The user password history is stored in each sam_account struct. Each
> password is coded in a "salted" format. It is done by the following
> method : MD5( MD4_NT_PW_HASH + "salt") for security reasons. The
> transformation is done by crypt_salted(), I put it util_pw.c (I didn't
> know where put it, so it set it there, i let you move it if you know a
> better place).
> I modified all the password modification code in Samba to add the
> password history call, maybe i miss some of it, please complete (the
> samba password managing code is far from clear and it is ... scattered
> Presently, only ldapsam and tdbsam are supported. SambaSamAccount got
> a new attribute.
> Waiting for your comments.
> Aurélien Degrémont
More information about the samba-technical