--===============1155621607==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="=-6ma+xBnTVT+TYFt7Csi1"


--=-6ma+xBnTVT+TYFt7Csi1
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri, 2006-03-03 at 17:48 -0500, Josh Kelley wrote:
> On 3/2/06, Mark Proehl wrote:
> > is there a way of disabling the creation of the (insecure) lm-hash in
> > the passdb backend of a samba3-pdc?

>=20
> The standard way to disable LM hashes in a Microsoft shop is to
> configure the clients to not save them (Local Security Policy ->
> Security Options -> "Network security: Do not store LAN Manager hash
> value on next password change"). I don't think they even offer a
> server-side option to do so.


No, the server controls the hash generation (in almost all
circumstances), so this is a server option.

> It does seem like a useful feature for Samba.


It looks like jerry will add it, controlled by 'lanman auth =3D '.

Andrew Bartlett

--=20
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net

--=-6ma+xBnTVT+TYFt7Csi1
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQBEEftDz4A8Wyi0NrsRAr3zAJ9VqSdeR+Viu3J9GtSW5G wUy/SJCwCfaNqj
uDn+ooejKJ3vDfx8neJmHt8=
=W8XJ
-----END PGP SIGNATURE-----

--=-6ma+xBnTVT+TYFt7Csi1--


--===============1155621607==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--===============1155621607==--