On Mon, 2021-05-03 at 17:46 -0700, Ryan Tandy wrote: > Hi Diane, > > Yes, the LM hash code has been removed upstream in the 2.5 series. > > I don't know if I'd be comfortable removing the code from already > released packages. One would hope no one actually uses it, but I have > no > way to know for sure.
Yes. I thought about using smbk5pwd but felt like I shouldn't given the LM password. If I understood how attributes could get added to the ldap schema it might make sense to add something to the olcOverlay configuration to allow disabling the LM password code path? Maybe something like: olcSmbK5PwdLMPasswordDisable: TRUE Diane
