On Sat, Nov 12, 2011 at 05:39:18PM -0300, zoolook wrote: > 2011/11/12 steve <[email protected]>: > > > Nearly understood it but I'm missing this: How does the username and > > password that is typed in on the win client travel over the network to the > > samba (and in my case also ldap) server? It must be sent as plain text no? > > Cheers, Steve. > > > Yup... more or less. I don't know the internals of NTLM(or whatever 7 > is using). But yes, the username and a hash of the password travels > over the network to the samba server, not openldap. You can add > kerberos to the mix if you're concerned about security.
Be aware that the password is never sent in plain text except if you force both server and client to do so. NTLMv2 as far as I know is reasonably secure. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:[email protected] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
