clearTextPassword attribute

simo idra at
Wed Oct 28 10:20:10 MDT 2009

On Wed, 2009-10-28 at 16:18 +0100, Matthias Dieter Wallnöfer wrote:
> Hi Nadya,
> yeah this attribute is used only by s4. To handle it properly you
> will 
> have to do some exception handling regarding it (like it has been
> done 
> in the schema code). Isn't there a constraint line in the ACL for all 
> password attributes in common? If yes, apply this also for this 
> attribute. If each password attribute has it's own setting do this:
> use 
> the rights for the "unicodePwd". The two attributes are nearly 
> identical: the first is pure UTF16 cleartext (easier for use by s4 
> calls) and the second one (transportable, since also supported by 
> windows) is UTF16 quoted cleartext.

Why don't we just stop using clearTextPassword and use unicodePwd
instead with a control that specify it contains samab4 special data ?

It would make more sense then adding exceptions in the acl code IMO.


Simo Sorce
Samba Team GPL Compliance Officer <simo at>
Principal Software Engineer at Red Hat, Inc. <simo at>

More information about the samba-technical mailing list