On Fri, 2002-12-13 at 10:42, Gerald (Jerry) Carter wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 13 Dec 2002, Tim Potter wrote: > > > > ....stored in clear text in secrets.tdb (HEAD) when i join an NT 4.0 > > > domain? It doesn't store the the last change time either. > > > Unless someone yells, i'm going to fix this. > > > > Er, it's always been in clear text. Or are you referring to the last > > change time? That's probably a bug. > > I mean we store the password (not the hash). We previously stored > the hash right?
We need the cleartext becouse some of the kerberos things don't use the NT#, they use other hashing stuff (particularly for systems without the latest - unreleased - MIT krb5). Regarding the last change time - yes, we need to clean up this mess - I was looking to store all domains (even the local one) in some kind of common record format, that would try to keep trusted domains using as much common code as possible. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
