Content-Type: multipart/signed; micalg=pgp-sha1;

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri, 2006-03-03 at 17:48 -0500, Josh Kelley wrote:
> On 3/2/06, Mark Proehl wrote:
> > is there a way of disabling the creation of the (insecure) lm-hash in
> > the passdb backend of a samba3-pdc?

> The standard way to disable LM hashes in a Microsoft shop is to
> configure the clients to not save them (Local Security Policy ->
> Security Options -> "Network security: Do not store LAN Manager hash
> value on next password change"). I don't think they even offer a
> server-side option to do so.

No, the server controls the hash generation (in almost all
circumstances), so this is a server option.

> It does seem like a useful feature for Samba.

It looks like jerry will add it, controlled by 'lanman auth =3D '.

Andrew Bartlett

Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQBEEftDz4A8Wyi0NrsRAr3zAJ9VqSdeR+Viu3J9GtSW5G wUy/SJCwCfaNqj


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba