[Samba] samba password hashes exposed to ldapsearch
Volker Lendecke
Volker.Lendecke at SerNet.DE
Mon Jul 28 21:27:32 GMT 2008
On Mon, Jul 28, 2008 at 01:32:49PM -0700, Amin Al-Regan wrote:
> Is there are way to also hide the Samba password hashes without breaking
> Samba functionality? Say, by using some LDAP rights-management tool to
> limit access to these attributes to certain accounts. Or does Samba require
> these hashes to be generally readable?
Samba itself needs to be able to read and write its password
attributes, but nss_ldap does not need to see them at all.
You should fix that wiki page and add the appropriate fds
acl settings there.
Thanks,
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20080728/3a7243ae/attachment.bin
More information about the samba
mailing list