Web lists-archives.com

Re: [Samba] Provision new domain keeping users and passwords




On Thu, 30 Mar 2017 08:18:30 +1300
Andrew Bartlett <abartlet@xxxxxxxxx> wrote:

> On Wed, 2017-03-29 at 15:06 +0100, Rowland Penny via samba wrote:
> > The users password is stored in an hidden attribute which is
> > supposed to be unreadable, but you can read it on a Samba DC, but
> > it is heavily
> > encoded. You may be able to obtain some of the users password with
> > pdbedit, but can you get them all ?
> 
> To be clear, by design pdbedit can obtain all the unicodePwd values
> (the NT hash) for users in the domain.  For clarity this is the same
> underlying value as the sambaNTPassword in traditional 'Samba3'
> domains using LDAP.
> 
> Andrew Bartlett
> 

Yes, but will all the AD users be in the pdbedit database ?

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba