unix password sync problems!
Todd Pfaff
todd at edge.cis.mcmaster.ca
Thu Apr 2 14:14:56 GMT 1998
On Thu, 2 Apr 1998, Dan Stromberg wrote:
> > *Can* root change an NIS password remotely without plaintext
> > knowledge of the old password ?
>
> That was part of my question.
>
> I got less lazy and dug through some rpc.yppasswdd sources.
>
> It looks to me like the only cleartext password that gets passed, is the
> old one, not the new one. Sigh.
>
> So yes it can be done, but not in an acceptable amount of time with
> the-usual-onc-rpc-based-password-changing-protocol.
>
> Or more practically: It'd almost certainly require replacing one
> rpc.yppasswdd (or similar) and all /usr/bin/yppasswd's.
in solaris 2.5 you can run 'passwd -r files username' as root to change
the password for username in the local passwd file without knowing the old
password.
could the 'passwd program' be a script?
/usr/bin/passwd -r files %u
cd /var/yp
make
of course, this will only work if your samba server where 'passwd program'
runs is also your nis master server.
--
Todd Pfaff \ Email: pfaff at mcmaster.ca
Computing and Information Services \ Voice: (905) 525-9140 x22920
ABB 132 \ FAX: (905) 528-3773
McMaster University \
Hamilton, Ontario, Canada L8S 4M1 \
More information about the samba
mailing list