[Samba] Valid characters in NT user/pass, wbinfo -a

daniel.jarboe at custserv.com daniel.jarboe at custserv.com
Wed Nov 6 13:31:01 GMT 2002


I was trying to avoid having users type the whole MY_DOMAIN_HERE+user 
thing, and have just the user be sufficient.  It's been said recently on 
the list that winbind use default domain should not be used in the 2.x 
series, and it's appearance in the 2.x series was accidental.

without use default domain, is there any way to use pam_winbind to add 
the domain name to the front?

~ Daniel

abartlet at samba.org wrote:

> On Wed, 2002-11-06 at 00:27, daniel.jarboe at custserv.com wrote:
> 
>>Samba 2.2.6.  I've been looking for (without success) a doc that 
>>specifies what characters are valid in an NT login/password.  A script 
>>will popen  '/usr/bin/wbinfo -a MY_DOMAIN+"'+user+'"%"'+passw+'"' where 
>>user and passw are untrusted submitted values, so you can understand my 
>>concern.  I want to keep things tight but not reject valid user/pass 
>>combinations.
>>
> 
> Don't use it like that.  Instead use pam_winbind.  (Because this is a
> standard interface that won't change).  If you are using perl for your
> scripting language, then you can use Authen::PAM to hook in with it.
> 
> Andrew Bartlett
> 
> 





More information about the samba mailing list