trying to correctly handle account passwords via ldap

Andrew Bartlett abartlet at
Tue Mar 28 02:42:40 GMT 2006

On Tue, 2006-03-28 at 11:46 +1000, Luke Howard wrote:
> >You mean they are stored with the old format but wrapped into something
> >else when queried through DRS ?
> DRS uses application-level encryption of secret attributes in addition to
> the session encryption provided by the GSS-API. Nonetheless this encryption
> is session-specific and is in addition to the OWF obfuscation.

And remains on my list of crypto challenges to tackle. :-)

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list