Encrypted and cleartext at the same time?

Luke Kenneth Casson Leighton lkcl at switchboard.net
Mon Oct 13 18:30:52 GMT 1997

> >Summary: An administrator could allow "require encryption = no" for a
> >couple of days/weeks so that the entries in the smbpasswd file are filled
> >in as the users are using Samba, then setting "require encryption = yes"
> >would work as it works now with "encrypt passwords = yes": only allowing
> >encypted authentication.
> >
> >What do you think?
> A nice idea, but sadly un-implementable

thanks for replying to this simon.

andrew's had an idea, namely to do a Node Status request before replying 
to the SMBnegprot, and assuming that the first <03> netbios name in the 
list is a username.

it's been pointed out to me that a multi-user NT machine will have 
_several_ users listed, so a little more intelligence would be required.

the first important milestone is to implement "migrate passwords = yes", 
which generates smbpasswd entries from the clear-text passwords over a 
period of a few days.

anyone want to do this?


<a href="mailto:lkcl at switchboard.net"  > Luke Kenneth Casson Leighton </a>
<a href="http://mailhost.cb1.com/~lkcl"> Lynx2.7-friendly Home Page   </a>
<br><b>  "Apply the Laws of Nature to your environment before your
          environment applies the Laws of Nature to you"              </b>

More information about the samba mailing list