Why doesn’t XenServer enable shadow passwords or authconfig. What year is this 1996 ? My guess is so that it can readd the hashed root without privs for things like xencenter to be able to edit the passwd via xapi. Tho i don’t see any password manipulation api hooks. I am really curious why this isnt set.
I have been manually (well chef does it) setting the dom0 passwords to shadow by detecting if its a xenserver and running pwconv. There hasn’t been any repercussions in the last 3 years.
Now moving up to xen6 in my test pool im running into all sortsa auth isues requireing me to single user my upgraded Hosts and pwconv and passwd them. Blargh.