On Fri, May 30, 2008 at 3:12 PM, Charlie <[EMAIL PROTECTED]> wrote: > When I converted our networks to samba a decade or more ago, I started > out by trying to crack all our user passwords by brute force, but I > could only get about 90% of them in any reasonable time frame. So,
Wow. *Only* 90%. Did the security admin have a cow? Perhaps your password policies were too lax? instead, we modified our password changing process to produce the NT > and LM hashes as well as the MD5 hashes and made all our users > passwords expire over the course of the next two weeks. Maybe it should be mentioned that this can be accomplished with the 'unix password sync = yes' if you are using pam_ldap on your Samba server. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba