On Tue, 2002-11-05 at 16:49, Howard Huntley Jr. wrote: > I compiled the source, My understand is that the encryption support has to > be compiled > into the binary. If not the "encrypt passwords = Yes" function in smb.conf. > is meaning less,
Your understanding is incorrect. Samba's support for the LM and NTLM
challenge-response authentication scheme ('encrypted passwords') is
compiled into every Samba installation since well before 2.0.
The option controls the use of that authentication scheme, because it
cannot be used with a standard /etc/passwd file, nor PAM's
authentication support. As such, some sites prefer that it be disabled
for integration into their existing systems. (You must maintain an
smbpasswd file manually, or integrate into an existing NT-compatible
domain).
Use of 'encrypt passwords = yes' is highly recommended, not only for
network security, but also for client interoperability - there are weird
bugs in MS products when using plain-text passwords.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
