[Samba] quick pam_winbind.so question

Gerald (Jerry) Carter jerry at samba.org
Thu Oct 17 22:51:00 GMT 2002

Hash: SHA1

On Thu, 17 Oct 2002 daniel.jarboe at custserv.com wrote:

> 2.2.6 installed from rpm on rh 7.2 system...
> I'm trying to use pam_winbind and apache's basic authentication to 
> restrict access to certain directories served by apache.
> It does work, but when I enter a wrong password I get this error in 
> log.winbindd:
> Plain-text authentication for user jarboed returned NT_STATUS_WRONG_PASSWORD
> Is there a way that pam_winbind.so can encrypt the passwords rather than 
> send them plaintext?

pam_winbind.so does not authenticate users using plain text 
passwords.  The messages you see (assuming you get this from 
'wbinfo -a') has to do with wbinfo sending winbindd the clear text.
Winbindd uses NTLMv1 for authentication.  Look at a packet trace 
for further convincing.

cheers, jerry
 Hewlett-Packard           ------------------------- http://www.hp.com
 SAMBA Team                ---------------------- http://www.samba.org
 GnuPG Key                 ---- http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2        "SAMS Teach Yourself Samba in 24 Hours" 2ed
 "I never saved anything for the swim back."     Ethan Hawk in Gattaca
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/


More information about the samba mailing list