Synchonisation between NIS and encrypted SMBPASSWD

Jeremy Allison jallison at cthulhu.engr.sgi.com
Sun Dec 6 19:50:55 GMT 1998


Rainer wrote :

> To my opinion the only (sensible) solution to this problem is to include
> the support for the old password (%o) in smbpasswd. I know it's not done
> due to compatibility reasons but maybe it could be integrated as an
> option?
> 

No it's not done because it's impossible without storing
the plaintext passwords in smbpasswd.

The Windows clients will send the plaintext of the new
password (encrypted) to the password change server, but
they don't possess the plaintext of the old password,
just the Lanman or NT hash of it (which is of no use
for NIS passwords).

Sorry, but that's the real reason why %o cannot be 
supported when using encrypted password change support.

Regards,

	Jeremy Allison,
	Samba Team.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------


More information about the samba mailing list