inappropriate checking in smbpasswd when changing passwords (api_SamOEMChangePassword in smbd/ipc.c)
David Collier-Brown - Sun Canada
davecb at scot.canada.sun.com
Tue Apr 11 12:10:05 GMT 2000
"James Caccese" <jwcacces at holycross.edu> wrote:
| the server checks the old password against an entry in smbpasswd [file].
| This means the users can only change their password if smbpasswd [file] is
| kept in sync with the unix password database!
Thank you, kind sir: you just explained what another
commentator was going nuts over. And yes, it indeed
sounds bogus...
--dave
--
David Collier-Brown in Boston
Phone: (781) 442-0734, Room BUR03-3632
More information about the samba-technical
mailing list