Web design portfolio - encrypt passwords = yes By default, Windows NT
encrypt passwords = yes By default, Windows NT 4.0 with Service Pack 3 or above and Windows 98 transmit encrypted passwords over the network. If you are enabling encrypted passwords, you must have a valid smbpasswd file in place and populated with usernames that will authenticate with encrypted passwords. (See the section Section 6.4.2, The smbpasswd File, earlier in this chapter.) In addition, Samba must know the location of the smbpasswd file; if it is not in the default location (typically /usr/local/samba/private/smbpasswd), you can explicitly name it using the smb passwdfileoption. If you wish, you can use the updateencryptedto force Samba to update the smbpasswd file with encrypted passwords each time a client connects to a non-encrypted password. A common strategy to ensure that hosts who need encrypted password authentication indeed receive it is with the includeoption. With this, you can create individual configuration files that will be read in based on OS-type (%a) or client name (%m). These host-specific or OS-specific configuration files can contain an encryptedpasswords=yesoption that will activate only when those clients are connecting to the server. 6.4.4.3 passwd program The passwdprogramis used to specify a program on the Unix Samba server that Samba can use to update the standard system password file when the encrypted password file is updated. This option defaults to the standard passwd program, usually located in the /bin directory. The %u variable is typically used here as the requesting user when the command is executed. The actual handling of input and output to this program during execution is handled through the passwd chatoption. The “Password Synchronization” section, earlier in this chapter, covers this option in detail. 6.4.4.4 passwd chat This option specifies a series of send/response strings similar to a Unix chat script, which are used to interface with the password-changing program on the Samba server. The “Password Synchronization” section, earlier in this chapter, covers this option in detail. 6.4.4.5 passwd chat debug If set to yes, the passwdchatdebugglobal option logs everything sent or received by Samba during a password chat. All the I/O received by Samba through the password chat is sent to the Samba logs with a debug level of 100; you will need to specify loglevel=100in order for the information to be recorded. The “Password Synchronization” section, earlier in this chapter, describes this option in more detail. Be aware that if you do set this option, the plaintext passwords will be visible in the debugging logs, which could be a security hazard if they are not properly secured. 6.4.4.6 password level With SMB, non-encrypted (or plaintext) passwords are sent with capital letters, just like the usernames mentioned previously. Many Unix users, however, choose passwords with both uppercase and lowercase letters. Samba, by default, only attempts to match the password entirely in lowercase letters, and not capitalizing the first letter. 205
Searching for affordable and proven webhost to host and run your servlet applications? Go to Linux Web Hosting services and you will find it.