On Fri, 26 Jul 2002, David Collier-Brown wrote: > Gerald Carter wrote: > > > > On Sun, 21 Jul 2002, Andrew Bartlett wrote: > > > > > To restate: "unix password sync = yes" and "encrypt passwords = no" is > > > a valid combination. > > > > OK. I'll bite. This might for for NT clients, but it won't for win9x > > right. Since we have upper cased passwords, there's no way of knowing > > what the user intended the password to be (for the old and new passwords). > > You could brute force the old password against the local hash in > > /etc/passwd but this seems like such a waste. > > How about wording such as: > Warning: NT client machines will be able to update > both Unix and Windows passwords, but Windows 95/98/ME > machines will not be able to keep the two in sync > unless they have the "EnablePlainTextPassword" > flag set in their registry. > Or does the uppercasing behavior make it even eviler? (;-))
Think about this for a second. If i send you the password "SECRET", how dfo you know that I intended the original string to be 'sEcrEt' ? cheers, jerry --------------------------------------------------------------------- Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org -- http://www.plainjoe.org "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--
