[SAMBA4] How should we store password hashes?
Stefan (metze) Metzmacher
metze at samba.org
Tue Feb 13 09:34:42 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
As we now know how the password fields are replicated,
I was thinking about how we should store them in our ldb.
I'd like to store them exactly are they're replicated,
(just without the session specific encryption). So that
the following attributes are stored rid crypted:
unicodePwd, ntPwdHistory, dBCSPwd and lmPwdHistory.
And the functions to access the hashes, like samdb_result_hash(), will
rid (de)crypt them on the fly.
I have a patch which passes the rid to this functions, to fix all the
callers (but it still uses the samba specific attributes and didn't to
rid crypt)
Comments please:-)
metze
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFF0YYwm70gjA5TCD8RAkkbAJ4w2EhbiA0GyZQypqCN6/eKfPry0QCgkNNW
7SZdKWR6HRu9/+9XKGMsPBs=
=YF5P
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rid-crypt-01.diff
Type: text/x-patch
Size: 20489 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070213/c5fc1ee0/rid-crypt-01.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rid-crypt-01.diff.sig
Type: application/pgp-signature
Size: 65 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070213/c5fc1ee0/rid-crypt-01.diff.bin
More information about the samba-technical
mailing list