About SECRETS_MACHINE_ACCT_PASS and passwords in secrets
Matthieu Patou
mat at samba.org
Wed May 19 23:12:27 MDT 2010
Hello,
While digging into samba 3.x code I found this variable with the
following comment
/* the first one is for the hashed password (NT4 style) the latter
for plaintext (ADS)
*/
The second variable is SECRETS_MACHINE_PASSWORD.
My first question is: it seems that the variable
SECRETS_MACHINE_ACCT_PASS is not used anymore why not removing it or at
least as clear comment.
Second question is: are we storing password in clear in secrets.ldb ?
If so why ? can't we store the hashed version ?
Matthieu
--
Matthieu Patou
Samba Team http://samba.org
More information about the samba-technical
mailing list