Hi Martin,
On Fri, Mar 22, 2013 at 06:33:11PM +0100, Martin Schulte wrote:
while trying to upgrade to squeeze and restore old passwords, i had
a look to the ldap in squeeze. I found the two attributes
'krbPrincipalKey' and 'sambaMungedDial'. Can someone tell me, what
is the use of these two attributes and how they are generated? Is
there a relation between the userpassword and these two attributes?
Actually i try to replace the value of the attributes
'userPassword', 'sambaLMPassword', 'sambaNTPassword' from the
squeeze ldap with the values from the lenny ldap.
The authentication method has changed completely in squeeze. Instead
of storing a hashed password in LDAP as it has been the case in Lenny,
Squeeze uses Kerberos keys. These are also some kind of a user's
password, but can also be used to encrypt any connection over the
network. There is no way to convert the password hash from Lenny to a
Kerberos principal key, so you have to create these from clear text
passwords. I am not familliar with the samba stuff however.