Winbindd change password request

Alexey Kobozev cobedump at
Wed Jun 7 11:06:16 GMT 2006

Hi list!

I'm implementing the authentication against AD using MSCHAPv2
protocol including the password change. As far as I see the
latest Samba has the only plain text password change request
to winbindd - WINBINDD_PAM_CHAUTHTOK, but during MSCHAPv2
change password I don't have an old plaintext password.

I've checked the sources and it seems to me quite simple task.
WINBINDD_PAM_CHAUTHTOK converts new and old plain text password
to 4 pieces: new_nt_password, old_nt_hash_enc, new_lm_password and
old_lanman_hash_enc -> then sends request through RPC. During the
MSCHAPv2 I already has these 4 parameters, so I just need an ability
to send them through the winbindd request.

So my question is are you guys planning to implement this
functionality? Or can this be available as a patch or a part of
next release?

Thanks a lot!

More information about the samba-technical mailing list