Web lists-archives.com

Re: [Samba] Samba 4 account with a 'ldbmodify-ed' password does not login into domain from a Windows 7 VM




On Sun, 2017-04-09 at 16:12 +0100, Rowland Penny via samba wrote:
> On Sun, 09 Apr 2017 14:47:59 +0000
> Leonardo Bruno Lopes via samba <samba@xxxxxxxxxxxxxxx> wrote:
> 
> 
> 
> > Is there any chance that this could mean I only need to wipe  
> > 'supplementalCredentials' attribute -- I saw that it is possible
> > --  
> > after set the password with 'ldbmodify'? Unfortunately I can't
> > get  
> > this tested until tomorrow.
> > 
> 
> try using something like this in your script:

More like:

ldbmodify -H /usr/local/samba/private/sam.ldb --
controls=local_oid:1.3.6.1.4.1.7165.4.3.12:0 << EOF
dn: CN=User,CN=Users,DC=samdom,DC=example,DC=com
changetype: modify
replace: unicodePwd
unicodePwd:: xxxxxxxxxxxxxxxxxxxxxxxx
delete: supplementalCredentials
-
EOF

Should do it.

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba