[Samba] Samba - LDAP - Kerberos
abartlet at samba.org
Thu Apr 5 22:25:00 GMT 2007
On Thu, 2007-04-05 at 14:35 +0200, Jörg Herzinger wrote:
> > Like Kerberos, Samba needs the password-equivilant values, or some other
> > process that will perform the same calculations on them (like a DC for a
> > member server). There isn't any way around that. Interestingly Heimdal
> > 0.8 includes code to do this in the KDC (we don't have a client for this
> > yet, but it is a very interesting move).
> > Andrew Bartlett
> Ok, I see the problem now. Since i am in a small network sending unencrypted
> passwords would'nt be a problem and when samba has the cleartext password
> authenticating via PAM or anything else should'nt be a problem, right?
You can't do domain logons with plaintext passwords, and it is far less
stable, even for normal operations (with windows clients, after apply
the registry patch). Just don't do it.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20070406/abbcd60c/attachment.bin
More information about the samba