[PATCH] Password history support
Aurélien Degrémont
aurelien.degremont at idealx.org
Wed Dec 24 09:43:49 GMT 2003
Hi,
Could you give me some feedback about this ? In order to correct it,
enhance it. I want to finish the missing backend support, but, before
that, i'd like to be sure the two first ones are ok, to avoid the same
mistakes.
Thanks,
Aurélien
Aurélien Degrémont wrote:
> Hi,
>
> Here is a patch which implements password history support to Samba 3.
>
> It add a new field pw_history[] to SAM_ACCOUNT struct. I think it's
> the last missing and needed SAM_ACCOUNT field. This patch complete the
> previous TDBSAM patch in order to create the new tdbsam format.
>
> The user password history is stored in each sam_account struct. Each
> password is coded in a "salted" format. It is done by the following
> method : MD5( MD4_NT_PW_HASH + "salt") for security reasons. The
> transformation is done by crypt_salted(), I put it util_pw.c (I didn't
> know where put it, so it set it there, i let you move it if you know a
> better place).
> I modified all the password modification code in Samba to add the
> password history call, maybe i miss some of it, please complete (the
> samba password managing code is far from clear and it is ... scattered
> :)).
>
> Presently, only ldapsam and tdbsam are supported. SambaSamAccount got
> a new attribute.
>
> Waiting for your comments.
>
> Aurélien Degrémont
More information about the samba-technical
mailing list