[Samba] mix encrypted/non-encrypted password

flinchlock fst6x7v02 at sneakemail.com
Sat Feb 28 12:31:54 GMT 2004

Quoting "Thomas Spuhler thomas-at-btspuhler.com |Samba|"
<sw5lhtrrjk0t at sneakemail.com>:

> We have lots of different MS boxes from W95 to XP
> I would like to move from non encrypted password to encrypted
> password
> over a certain time period (don want to work all weekend!)
> Is that possible and how. I didn't find anything on this subject

man smb.conf

update encrypted (G)

This boolean parameter allows a user logging on with a plaintext
password to have their encrypted (hashed) password in the smbpasswd
file to be updated automatically as they log on. This option allows
a site to migrate from plaintext password authentication (users
authenticate with plaintext password over the wire, and are checked
against a UNIX account database) to encrypted password
authentication (the SMB challenge/response authentication
mechanism) without forcing all users to re-enter their passwords
via smbpasswd at the time the change is made. This is a convenience
option to allow the change over to encrypted passwords to be made
over a longer period. Once all users have encrypted representations
of their passwords in the smbpasswd file this parameter should be
set to no.

In order for this parameter to work correctly the encrypt passwords
parameter must be set to no when this parameter is set to yes.


SuSE 9.0 Pro (2.4.21-192-default) with samba-2.2.8a-107

More information about the samba mailing list