> Is there are way to also hide the Samba password hashes without breaking > Samba functionality? Say, by using some LDAP rights-management tool to > limit access to these attributes to certain accounts. Or does Samba require > these hashes to be generally readable?
A properly configured LDAP server will not allow anything but the samba daemons to read windows hashes; they are plaintext password equivalent since they can be cracked quite trivially with freely downloadable tools. Do not send your password hashes over an unencrypted network connection, for the same reason. --Charlie -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
