[Samba] passwords - windows - clear or hashed over wire?
Terry Davis
tdavis at birddog.com
Mon Feb 4 16:56:09 GMT 2002
Hello,
I am testing some things and coming up with weird results.
Here is the scoop:
I have samba set to:
unix password sync = yes
pam password change = yes
I am trying to test what is going on when I change a user's password
from a windows box using the windows password utility. Here is what
happens.
If I have /etc/pam.d/samba set to:
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
samba changes the smbpasswd file to update the changes I made in windows
to the password. It stores the passwords hashed as expected.
If I set /etc/pam.d/samba to:
auth required pam_ldap.so
account required pam_ldap.so
session required pam_ldap.so
password required pam_ldap.so
then samba changes the password in the ldap server. This is great!!
One problem, it changes the password in ldap to be clear! How does it
do this? I didn't think windows sent the password accross the wire in
the clear.
Any smart people wanna figure this one out?
Thank you!
--
Terry Davis
Systems Administrator
BirdDog Solutions, Inc.
(402) 829-6059
www.birddog.com
More information about the samba
mailing list