Hi Stephan. On Fri, 8 Dec 2000, OKDesign oHG Security Webmaster wrote:
Hi folks,
finally one of our clients is interested in switching from WinDoof to Linux. But he needs some tool to import the existing users on WindowsNT to Linux in a secure manner (that means, not only importing the users, but also the passwords; but he don't know all passwords) Is there any way to do this efficiently ?
IMHO it's not possible to import the passwords from WinNT to Linux due to the fact that they use different hashing algorithms (Linux crypt(), which is a better form of DES, WinNT uses some kind of MD5 (?)). If you can get Linux to use the same hashing algorithm (perhaps MD5 with PAM? I don't know for sure), it should be somehow possible. But I don't really know of any efficient (and really secure) method. Sure, you could crack the passwords with l0phtcrack, and import them under Linux, not what I'd call secure and/or efficient :-).
Best would be, if the user-data could also be included into samba (samba should act as an login-server for his domain)
This however should be perfectly possible, just export the SAM from NT, and import the hashes into /etc/smbpasswd, which you need anyway. But then there's no login to the Linux machine (POP3, FTP...). Greetings olli
Thanks in advance
--- -------------------------------------------- Stephan M. Ott // OKDesign oHG Internet-Providing und Netzwerkmanagement smo@okdesign.de ..... http://www.okdesign.de fon. +49 961 3814139 .. fax. +49 961 3814140 mobil 0171-8351130 ... oder ... 0171-7858064 --------------------------------------------
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--
--------------------------------------
Oliver Hensel