salting in Samba4

Andrew Bartlett abartlet at
Mon Sep 21 14:34:10 MDT 2009

On Mon, 2009-09-21 at 14:34 -0500, Andrew Kroeger wrote:

> Andrew:

> I'm willing to run additional tests to help track this down if you are 
> having problems reproducing the issue.

I wondered if you might like to help write a new test to stop this
happening in future?

The test would be an extension to the 'net export keytab' test, that
uses 'ktutil <keytab> list --keys', grep sort and diff to compare the
keytab in the database with the one in the local secrets.keytab.  If
this ever differs, we have a big problem. 

We can then extend it to create a new machine account in AD, export it
with DRS and create the keytab locally.  Then we can compare that too.  

What do you think?

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list