mirror of https://github.com/samba-team/samba.git synced 2025-01-05 09:18:06 +03:00
samba-mirror/source4/dsdb
Andrew Bartlett d2a473a7b7 dsdb: Allow password history and password changes without an NT hash
We now allow this to be via the ENCTYPE_AES256_CTS_HMAC_SHA1_96 hash instead
which allows us to decouple Samba from the unsalted NT hash for
organisations that are willing to take this step (for user accounts).

(History checking is limited to the last three passwords only, as
ntPwdHistory is limited to NT hash values, and the PrimaryKerberosCtr4
package only stores three sets of keys.)

Since we don't store a salt per-key, but only a single salt, the check
will fail for a previous password if the account was renamed prior to a
newer password being set.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-06-26 22:10:29 +00:00
..
common dsdb/common: Make some parameters const 2022-06-14 07:21:29 +00:00
dns s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
kcc dsdb periodic: DNS: split aging from tombstone deletion 2021-06-20 23:26:32 +00:00
repl s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
samdb dsdb: Allow password history and password changes without an NT hash 2022-06-26 22:10:29 +00:00
schema dsdb/schema: let dsdb_syntax_DN_BINARY_drsuapi_to_ldb return WERR_DS_INVALID_ATTRIBUTE_SYNTAX 2022-01-12 03:09:52 +00:00
tests/python dsdb: Allow password history and password changes without an NT hash 2022-06-26 22:10:29 +00:00
pydsdb.c pydsdb: Add API to return strings of known UF_ flags 2021-09-02 05:03:31 +00:00
samdb.pc.in
wscript_build CVE-2020-25718 dsdb: Bring sid_helper.c into common code as rodc_helper.c 2021-11-09 19:45:34 +00:00