Summary of DES salt for 2000 & 2003
Luke Howard
lukeh at padl.com
Sat Jul 8 04:39:14 GMT 2006
Jerry,
I'm pretty sure it is ${samAccountName} without the
trailing $, not ${cn}.
Of course generally these will be identical.
>I assuming but have not confirmed yet is that the UPN
>behavior is based on the domain functional level. So that
>a domain with Windows 2000 and 2003 DCs would have a
>domain functional level of "Windows 2000" and therefore
>honor the UPN attibute for salt.
I believe it is based on the OS version which would
cause an interop problem.
-- Luke
--
More information about the samba-technical
mailing list