[Samba] passwords - windows - clear or hashed over wire?
Gerald Carter
jerry at samba.org
Tue Feb 5 12:28:55 GMT 2002
On Mon, 4 Feb 2002, Terry Davis wrote:
> If I set /etc/pam.d/samba to:
> auth required pam_ldap.so
> account required pam_ldap.so
> session required pam_ldap.so
> password required pam_ldap.so
>
> then samba changes the password in the ldap server. This is great!!
> One problem, it changes the password in ldap to be clear! How does it
> do this? I didn't think windows sent the password accross the wire in
> the clear.
This will be a characteristic of the pam_ldap.so library. You should use
ssl when connecting to the LDAP server. See the examples in the
/etc/ldap.conf file include with your linux distribution.
chau, jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba
mailing list