trying to correctly handle account passwords via ldap

Luke Howard lukeh at
Tue Mar 28 01:46:47 GMT 2006

>You mean they are stored with the old format but wrapped into something
>else when queried through DRS ?

DRS uses application-level encryption of secret attributes in addition to
the session encryption provided by the GSS-API. Nonetheless this encryption
is session-specific and is in addition to the OWF obfuscation.

-- Luke


More information about the samba-technical mailing list