Luigi Santangelo
2008-Mar-19 11:15 UTC
[Fedora-directory-users] windows sync and password "clear"
Hi everybody, this is my problem:
I configured my Fedora DS and now I can sync the LDAP''s users with
Windows 2003 Active Directory. Then, I created a new user with this
code ldif
dn: uid=red,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx
givenName: red
sn: red
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: ntuser
uid: red
ntUserCreateNewAccount: true
ntUserDeleteAccount: true
cn: red
ntUserDomainId: red
userPassword: redpwd
creatorsName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
modifiersName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
createTimestamp: 20080318153555Z
modifyTimestamp: 20080318153555Z
nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae
Note that I wrote the user''s password in "clear". Now, I can
logon
the
Windows AD with the username red and the password redpwd.
Then I added another user (yellow) with this code ldif
dn: uid=yellow,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx
givenName: yellow
sn: yellow
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: ntuser
uid: yellow
ntUserCreateNewAccount: true
ntUserDeleteAccount: true
cn: yellow
ntUserDomainId: yellow
userPassword: {MD5}8cb32079718c657b02bbbb176b97d030
creatorsName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
modifiersName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
createTimestamp: 20080318153555Z
modifyTimestamp: 20080318153555Z
nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae
Note the MD5(yellowpwd) = 8cb32079718c657b02bbbb176b97d030
Then If I try logon the Windows AD (from Windows) with the username
yellow and the password yellowred, I cannot log in. Instead, if I try
logon the Windows AD with the username yellow and the
password {MD5}8cb32079718c657b02bbbb176b97d030 I can log in.
Do you think that this is a problem strictly related to Windows''
problem? How can I get over it?
Thank you in advance.
______________________________________________
Adotta un bambino a distanza. Avrà vestiti, cibo, scuola?e avrà te!
http://social.tiscali.it/promo/C02/sos/
solarflow99
2008-Mar-19 12:27 UTC
Re: [Fedora-directory-users] windows sync and password "clear"
I think windows passwords have to hashed differently, so you''d have to reset their password or generate it with the windows password generator included with samba, I think its called ntpwd or something like that. On 3/19/08, Luigi Santangelo <santangelo.luigi@tiscali.it> wrote:> > Hi everybody, this is my problem: > I configured my Fedora DS and now I can sync the LDAP''s users with > Windows 2003 Active Directory. Then, I created a new user with this > code ldif > > dn: uid=red,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx > givenName: red > sn: red > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: inetorgperson > objectClass: ntuser > uid: red > ntUserCreateNewAccount: true > ntUserDeleteAccount: true > cn: red > ntUserDomainId: red > userPassword: redpwd > creatorsName: uid=root,ou=administrators,ou=topologymanagement, > o=netscaperoot > modifiersName: uid=root,ou=administrators,ou=topologymanagement, > o=netscaperoot > createTimestamp: 20080318153555Z > modifyTimestamp: 20080318153555Z > nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae > > Note that I wrote the user''s password in "clear". Now, I can logon > the > Windows AD with the username red and the password redpwd. > Then I added another user (yellow) with this code ldif > > dn: uid=yellow,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx > givenName: yellow > sn: yellow > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: inetorgperson > objectClass: ntuser > uid: yellow > ntUserCreateNewAccount: true > ntUserDeleteAccount: true > cn: yellow > ntUserDomainId: yellow > userPassword: {MD5}8cb32079718c657b02bbbb176b97d030 > creatorsName: uid=root,ou=administrators,ou=topologymanagement, > o=netscaperoot > modifiersName: uid=root,ou=administrators,ou=topologymanagement, > o=netscaperoot > createTimestamp: 20080318153555Z > modifyTimestamp: 20080318153555Z > nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae > > Note the MD5(yellowpwd) = 8cb32079718c657b02bbbb176b97d030 > Then If I try logon the Windows AD (from Windows) with the username > yellow and the password yellowred, I cannot log in. Instead, if I try > logon the Windows AD with the username yellow and the > password {MD5}8cb32079718c657b02bbbb176b97d030 I can log in. > Do you think that this is a problem strictly related to Windows'' > problem? How can I get over it? > Thank you in advance. > > > > > ______________________________________________ > Adotta un bambino a distanza. Avrà vestiti, cibo, scuola?e avrà te! > http://social.tiscali.it/promo/C02/sos/ > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >