[Samba] Insecure smbpasswd with ldap ??
Andrew Bartlett
abartlet at samba.org
Wed Apr 23 15:12:25 GMT 2003
On Thu, 2003-04-24 at 01:00, Gregory Hinton Nietsky wrote:
>
> hi there i have recently moved all users to LDAP and incorporated the
> Samba schema i have allocated servers read only access to the data
> except for what is required ie lmpass ... ntpass .. what disturbs me is
> that smbpasswd demands write access to
> uid,rid,primarygroup,cn,displayname i would rather it did not do this i
> fully understand why samba requires write access to other attr's in fact
> in my config these are read only except for servers ...
>
> im going to be hacking away at the code to change this and was hopeing
> someone out there would agree in the logic that samba should write to as
> little as posible ...
Samba 3.0 now makes minimal possible change. But as smbclient must
modify password values, most people just give it manager credentials.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030424/73dbf117/attachment.bin
More information about the samba
mailing list