I have a Samba-PDC installation (version is 3.6.3) with openLDAP. When I change the password from a client (Windows/XP and Windows/7) the attribute "sambaNTPassword" is changed and I can log-in with the new pssword. The problem is that the content of the attribute "sambaLMPassword" is deleted. I remember that in my previous version of Samba (3.0.28) both attributes were updated. Is this correct ? Where is used the attribute "sambaLMPassword" ? Thanks Michelangelo
Hello Michelangelo, Am 29.08.2013 10:12, schrieb Michelangelo Rezzonico:> I have a Samba-PDC installation (version is 3.6.3) with openLDAP. > When I change the password from a client (Windows/XP and Windows/7) the > attribute "sambaNTPassword" is changed and I can log-in with the new > pssword. > > The problem is that the content of the attribute "sambaLMPassword" is > deleted.It's not a problem. It was a security decission. :-) If there's no good reason, you should keep this new default. If you really want to re-enable, have a look at the smb.conf manpage and search for the "lanman auth" option.> I remember that in my previous version of Samba (3.0.28) both attributes > were updated. > Is this correct ?Yes it is. :-) The old LanManager passwords are very insecure. And Samba disabled them by default somewhen around 3.3 when I remember right. On MS side the support for LM passwords was disabled in Vista and later, too.> Where is used the attribute "sambaLMPassword" ?It is removed on password changes. Regards, Marc
Hi Marc, thanks a lot for your help ! Regards. Michelangelo Hello Michelangelo, Am 29.08.2013 10:12, schrieb Michelangelo Rezzonico:> I have a Samba-PDC installation (version is 3.6.3) with openLDAP. > When I change the password from a client (Windows/XP and Windows/7) > the attribute "sambaNTPassword" is changed and I can log-in with the > new pssword. > > The problem is that the content of the attribute "sambaLMPassword" is > deleted.It's not a problem. It was a security decission. :-) If there's no good reason, you should keep this new default. If you really want to re-enable, have a look at the smb.conf manpage and search for the "lanman auth" option.> I remember that in my previous version of Samba (3.0.28) both > attributes were updated. > Is this correct ?Yes it is. :-) The old LanManager passwords are very insecure. And Samba disabled them by default somewhen around 3.3 when I remember right. On MS side the support for LM passwords was disabled in Vista and later, too.> Where is used the attribute "sambaLMPassword" ?It is removed on password changes. Regards, Marc