On Wed, 13 May 1998, Jean-Francois Micouleau wrote:
> On Tue, 12 May 1998, Luke Kenneth Casson Leighton wrote:
>
> > > You have to make the distinction between users and trusts
accounts.
> >
> > why? not in my book you don't, and not in an NT SAM you
don't. trust
> > accounts _are_ SAM users, but just with a different ACB_xxxx value.
>
> your book ? You found good books on microsoft #]}]&~i" protocols ?
>
> I mean with trust accounts you don't care about unix password
> synchronization.
correct, and something i hadn't thought about at all, and hadn't thought
that someone else would consider it.
> > > I don't like it, I prefer to follow RFC2037.
> > wossat, then? what's that say (in a nutshell)
>
> I said I prefer to store the password as proposed in RFC 2037, cause NT5
> schema is not stable right now.
that's what mark's already done with his ldap system - see
http://samba.anu.edu.au/listproc/samba-technical/0542.html
> We can take a look at NT5 schema (to know
> how it looks like) but I'm sure it's not the definitive one that
will be
> in the shipping version of NT5.
>
> > then we will have to invent / use what microsoft does, which is to
> > obfuscate with a long-term session key.
>
> It's in the case where you want to store clear text password. If you
want
> to obfuscate, you need to patch slapd, humm.
> I should look on critical angle repository web server, there was something
> there.
>
> Is there any ldap guru on this list ?
calling all ldap gurus! calling all ldap gurus! please subscribe to
samba-technical@samba.anu.edu.au and help us out!
luke (samba team)