Getting OpenLDAP to auth users against sambaNTPassword
Andrew Bartlett
abartlet at samba.org
Mon Jun 23 21:35:06 GMT 2003
On Tue, 2003-06-24 at 06:01, Norbert Klasen wrote:
>
>
> --On Donnerstag, 19. Juni 2003 16:10 +1000 Andrew Bartlett
> <abartlet at samba.org> wrote:
>
> > I note with interest that there is a {LANMAN} password type available
> > for the userPassword attribute, but this does not quite meet the
> > requirements - for one thing it is case *INSENSITIVE*, which makes the
> > whole thing much weaker.
>
> Should it be case sensitive? I wrote the code according to RFC2433 which
> says the password should be converted to uppercase.
Correct - it's just the problem with the whole LANMAN idea. Microsoft
replaced it for very good reason.
It's just a pity they never updated Win9x to us the NT password, so we
have been stuck with the dog for *way* too long...
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030623/6dcba878/attachment.bin
More information about the samba-technical
mailing list