Request about implementation of alternate authentication mechanism in samba

Michal Vymazal Michal.Vymazal at
Wed Apr 30 01:17:50 MDT 2014

In short description (on our future ldap patch code)

We want to enable to ldap to use more than one password for one service.

Means - hash no. 1 not match - ldap will try the hash no. 2  etc.

So yes, we want to store an additional password representation.

In this case, the user can use one password from PC and another password
from any mobile device.

Best regards
Michal Vymazal

Dne 29.4.2014 17:21, Volker Lendecke napsal(a):
> On Tue, Apr 29, 2014 at 02:15:18PM +0200, Michal Vymazal wrote:
>> Dear all
>> We are going to append binary code to some ldap modules - the goal is to
>> enable ldap to use "alternate passwords" for some ldap entries. Means,
>> every app using ldap bind will can use "alternate passwords" to verify
>> the user access. Useful for the environment of mobile devices etc.
>> My question is - does the samba team think about the implementation of
>> this feature to the samba binary code?
> Can you be a bit more specific about what you want to
> achieve? Are you talking about modifying the Active
> Directory DC code? Do you want to store an additional
> password representation there? If so, what would be the
> requirements these alternative representations are supposed
> to meet?
> Best regards,
> Volker Lendecke

Michal Vymazal
work: CESNET, z.s.p.o.
AAI Department
Zikova 4, 160 00 Praha 6
Czech Republic

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3244 bytes
Desc: Elektronicky podpis S/MIME
URL: <>

More information about the samba-technical mailing list