Re: Password conversion to lmpassword ntpassword

[Duncan Brannen <dbb@st-andrews.ac.uk>]

At 23:16 08/07/2003 +0200, Michael Ströder wrote:
> charlie derr wrote:
> > The best that we could think of (though we haven't yet implemented it -- 
> > we're hoping to do so soon) is to create a password-changing mechanism 
> > (webpage) that will reset all three (when the user enters the valid 
> > userPassword).
>
> I'd also recommend this solution. Especially since you can authenticate 
> the user by his/her old userPassword. It's not much effort to code such a 
> CGI-BIN.


This is the way we did it here, we've a cgi-bin script on a secured web 
server that authenticates users &
then allows them to update their passwords.  We generate ntpassword,lmhash 
and crypt, update the
ldap server and push the crypt to NIS. We've stopped people from updating 
passwords from the command line
(NIS) so we don't have to worry about syncing back the way.

Works ok & was fairly simple to implement.

Cheers,
        Duncan



> Ciao, Michael.