[PATCH] Remove password level (now only lowercase the plaintext password, do not try combinations)

Andrew Bartlett abartlet at samba.org
Sun Jun 2 18:19:40 MDT 2013

I was looking at adding the deprecated flag to 'password level' so that
we could remove it in the future, and realised it was already

So, given the discussion with Yannick, who has 'password level = 0' (ie,
the default) in his smb.conf, I think this is reasonable.  

That is, if your site relies on plaintext passwords from CIFS clients,
that the requirement be that the client pass the password in correctly,
or that you have the password in the system be in lower case. 

This does not impact encrypted passwords at all, and does not remove
support for any known client.  


I think I've addressed your concerns in my other mail, I agree my
description was confusing. 

Please review/comment/possibly push. 


Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba-technical mailing list