On Fri, Dec 08, 2000 at 17:57 +0100, Oliver Hensel wrote:
On Fri, 8 Dec 2000, OKDesign oHG Security Webmaster wrote:
[ ... migrating NT users to Unix ... ]
Sure, you could crack the passwords with l0phtcrack, and import them under Linux, not what I'd call secure and/or efficient :-).
Unless it can be done by a computer automatically. As soon as human resources are no longer involved computational complexity loses some of its fear. :) Luckily brute forcing is not always a solution and even computers have their limits. :> This BTW once more reminds us of the well known fact that your passwords are only as secure as your access to the user database is ... Feeding the resulting passwords into "smbpasswd -a" should be doable by some scripting mechanism, feel free to choose one of the numerous available languages. Alternatively you could copy the code which makes the hash and crypt forms from them. Another method of migrating could be to supply arbritrary but known passwords when creating the users and immediately expiring them. This way the passwords have to be changed right away at the first login. But I don't know if this works in SMB only (or mostly) environments.
Best would be, if the user-data could also be included into samba (samba should act as an login-server for his domain)
This however should be perfectly possible, just export the SAM from NT, and import the hashes into /etc/smbpasswd, which you need anyway. But then there's no login to the Linux machine (POP3, FTP...).
Read "man 5 smb.conf" and search for "sync" and/or "password". When you feed samba with passwords (that is, provide them in the clear) it can set the "traditional" Unix password for you, too. That's BTW convenient - and easier to teach - for those users who prefer "graphical frontends" and are afraid of typing "passwd" in a terminal session. That's when they could use the means MS software provides. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.