Table 6.7: Password Chat (Web design) Send Characters Character Definition
Table 6.7: Password Chat Send Characters Character Definition %o The user s old password %n The user s new password \n The linefeed character \r The carriage-return character \t The tab character \s A space For example, you may want to change your password chat to the following entry. This will handle scenarios in which you do not have to enter the old password. In addition, this will also handle the new alltokensupdatedsuccessfully string that Red Hat Linux sends: passwd chat = *new password* %n\n *new password* %n\n *success* Again, the default chat should be sufficient for many Unix systems. If it isn t, you can use the passwdchatdebugglobal option to set up a new chat script for the password change program. The passwdchatdebugoption logs everything during a password chat. This option is a simple boolean, as shown below: [global] encrypted passwords = yes smb passwd file = /usr/local/samba/private/smbpasswd unix password sync = yes passwd chat debug = yes log level = 100 After you activate the password chat debug feature, all I/O received by Samba through the password chat will be sent to the Samba logs with a debug level of 100, which is why we entered a new log level option as well. As this can often generate multitudes of error logs, it may be more efficient to use your own script, by setting the passwdprogramoption, in place of /bin/passwd to record what happens during the exchange. Also, make sure to protect your log files with strict file permissions and to delete them as soon as you ve grabbed the information you need, because they contain the passwords in plaintext. The operating system on which Samba is running may have strict requirements for valid passwords in order to make them more impervious to dictionary attacks and the like. Users should be made aware of these restrictions when changing their passwords. Earlier we said that password synchronization is limited. This is because there is no reverse synchronization of the encrypted smbpasswd file when a standard Unix password is updated by a user. There are various strategies to get around this, including NIS and freely available implementations of the pluggable authentication modules (PAM) standard, but none of them really solve all the problems yet. In the future, when Windows 2000 emerges, we will see more compliance with the Lightweight Directory Access Protocol (LDAP), which promises to make password synchronization a thing of the past. 202
We recommend cheap and reliable webhost to host and run your web applications: Coldfusion Web Hosting services.