SECURITY: password replication onto RODCs

Andrew Bartlett abartlet at samba.org
Sun Dec 1 14:18:29 MST 2013


On Fri, 2013-11-29 at 12:35 -0500, Michael Brown wrote:
> 
> Anyways... is there a quick and easy way to purge credentials from
> the 
> RODC replica?

No.  Even if you deleted the database and re-replicated, it could still
be recovered from the disk.  The passwords have been 'exposed'.

I suggest wiping the disk, if you are worried. 

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba






More information about the samba-technical mailing list