[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting OpenLDAP to auth users against sambaNTPassword

On Tue, 2003-06-24 at 06:01, Norbert Klasen wrote:
> --On Donnerstag, 19. Juni 2003 16:10 +1000 Andrew Bartlett 
> <abartlet@samba.org> wrote:
> > I note with interest that there is a {LANMAN} password type available
> > for the userPassword attribute, but this does not quite meet the
> > requirements - for one thing it is case *INSENSITIVE*, which makes the
> > whole thing much weaker.
> Should it be case sensitive? I wrote the code according to RFC2433 which 
> says the password should be converted to uppercase.

Correct - it's just the problem with the whole LANMAN idea.  Microsoft
replaced it for very good reason.

It's just a pity they never updated Win9x to us the NT password, so we
have been stuck with the dog for *way* too long...

Andrew Bartlett

Andrew Bartlett                                 abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet@samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

Attachment: signature.asc
Description: This is a digitally signed message part