trying to correctly handle account passwords via ldap
Jeremy Allison
jra at samba.org
Tue Mar 28 02:45:11 GMT 2006
On Tue, Mar 28, 2006 at 12:42:40PM +1000, Andrew Bartlett wrote:
> On Tue, 2006-03-28 at 11:46 +1000, Luke Howard wrote:
> > >You mean they are stored with the old format but wrapped into something
> > >else when queried through DRS ?
> >
> > DRS uses application-level encryption of secret attributes in addition to
> > the session encryption provided by the GSS-API. Nonetheless this encryption
> > is session-specific and is in addition to the OWF obfuscation.
>
> And remains on my list of crypto challenges to tackle. :-)
I think Luke was giving you a hint by the url he posted :-).
Jeremy.
More information about the samba-technical
mailing list