trying to correctly handle account passwords via ldap

simo idra at samba.org
Tue Mar 28 02:01:09 GMT 2006


On Tue, 2006-03-28 at 11:46 +1000, Luke Howard wrote:
> >You mean they are stored with the old format but wrapped into something
> >else when queried through DRS ?
> 
> DRS uses application-level encryption of secret attributes in addition to
> the session encryption provided by the GSS-API. Nonetheless this encryption
> is session-specific and is in addition to the OWF obfuscation.

Understood,
thanks so much!

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org



More information about the samba-technical mailing list