Date: Tue, 12 May 1998 14:20:47 +0000 (GMT) From: Luke Kenneth Casson Leighton <lkcl@cb1.com> To: Jean-Francois Micouleau <Jean-Francois.Micouleau@utc.fr>, Multiple recipients of list <samba-technical@samba.anu.edu.au> Subject: Re: password API needed In-Reply-To: <Pine.LNX.3.96.980512104252.178B-100000@regent.cb1.com>
jean-francois,
the password system you have (putting the password in clear-text) is
unfortunately not sufficient. if we do one of the following:
- create an ldap database from a private/smbpasswd file
- create an ldap database from an NT PDC SAM registry (the holy grail that
really takes microsoft's biscuit - an NT -> Samba migration tool HAHA!)
- add PDC / BDC replication, and support mixed NT / Samba PDC/BDC
environments
then we will need to put the 16 byte hashes in, not the plain-text
password. this is because the plain-text password, in the above
scenarios, will not be available.
so, if i add "ntPwdHash" and "lmPwdHash" to the ldap schema, you know why
:-)
luke
p.s how do you go about _modifying_ ldap database entries?