On 1/1/08, Jordan K. Hubbard <[EMAIL PROTECTED]> wrote: > > Let's ask a different question: What are you trying to achieve? > > - Jordan
Hi Jordan, You raise a good question, about what I am trying to achieve. My concern is that, after reading Apple's Mac OS X Server Leopard documentation, it strikes me that crypt passwords are less secure compared to other options such as Shadow Passwords, as I quote the Leopard Server OpenDirectory documentation (PDF): User accounts not used on computers that require a crypt password should > have an > Open Directory password or a shadow password. A crypt password is required > only for > logging in to a computer with Mac OS X v10.1 or earlier and on computers > with some > types of UNIX. > > A crypt password is stored as an encrypted value, or hash, in the user > account record in > the directory domain. Because the crypt password can be recovered from the > directory > domain, it is subject to offline attack and is less secure than other > password types. > Maybe I am misinterpreting, but it strikes me that Apple is recommending that, if possible, a crypt password should be last on the list of password type choices. Thanks, T.M. On Jan 1, 2008, at 2:04 AM, Tabitha McNerney wrote: > > > Hello all -- > > > > I am happily running Leopard Server and installing MacPorts 1.6.0. > > Some of the ports install users in the local directory domain (with > > Leopard Apple has officially done away with NetInfo by the way). > > There is an option using Workgroup Manager -- a GUI tool only > > bundled by Apple with Mac OS X Server, to change the password type > > of local directory domain users (for example, the user "ldap" > > installed by MacPorts as part of the openldap port) from crypt to > > Shadow Password. Has anyone ever tried this and if so are there any > > reasons not to switch from crypt to Shadow Password? > > > > Thank, > > > > -T.M. > > _______________________________________________ > > macports-users mailing list > > [email protected] > > http://lists.macosforge.org/mailman/listinfo/macports-users > >
_______________________________________________ macports-users mailing list [email protected] http://lists.macosforge.org/mailman/listinfo/macports-users
