Bug#988033: slapd-contrib: It would be good to avoid generating sambaLMPassword hashes
Ryan Tandy
ryan at nardis.ca
Tue May 4 02:44:33 BST 2021
On Mon, May 03, 2021 at 06:08:40PM -0700, Diane Trout wrote:
>If I understood how attributes could get added to the ldap schema it
>might make sense to add something to the olcOverlay configuration to
>allow disabling the LM password code path?
>
>Maybe something like:
>
>olcSmbK5PwdLMPasswordDisable: TRUE
I'm not likely to work on such a patch myself. I guess I could apply it
if someone else wrote it, but reluctantly, because it would be another
removed config element to deal with for upgrades to 2.5.
I think I'm coming to agree with you that the LM support should be
deleted for bookworm (and bullseye-backports). The question remains
whether it should be removed from bullseye as well. AFAIK the release is
only a few weeks away, so I'm inclined to answer "it's too late", but I
suppose I could be convinced otherwise.
More information about the Pkg-openldap-devel
mailing list