samba - Jun 2016 - Check password script

Yes it could be interesting.
I want to use it to send the password has an API for other software. I 
currently use the "Store passwords using reversible encryption" to use
my API. But I do not like this operation. I then use 
"http://ltb-project.org/wiki/documentation/self-service-password" with
the " post hook"

Your patch it allows you also to retrieve the user name ?

Thank you verry much !


Le 10/06/2016 10:41, garming at catalyst.net.nz a écrit
:
> Currently the functionality is not implemented in active directory (I also
> mistakenly thought it was, until I was corrected). Fortunately, I recently
> implemented it as a result of someone else raising it. It is still lacking
> some testing and needs some more work to be integrated upstream however. I
> should be able to supply the patches I have so far in the next week or so
> if you're interested.
>
> Cheers,
>
> Garming
>
>
>> Hi
>>
>> Yes,   active directory
>>
>> Simon
>>
>> Le 10/06/2016 03:37, Garming Sam a écrit :
>>> Hi,
>>>
>>> Are you running Samba active directory?
>>>
>>>
>>> Cheers,
>>>
>>> Garming
>>>
>>> On 10/06/16 00:28, blog at lesfourmisduweb.org wrote:
>>>> Hello
>>>>
>>>> I Can not run a "check password script" in smb.conf
>>>> Somebody can you tell me if this is depecated?
>>>> I find nothing in the official documentation.
>>>>
>>>> Simon
>>>>
>>
>

That sounds somewhat out of scope of the original parameter. I would be
happy to explain how the patches could be modified to send the username
(possibly as the first argument to the script). It shouldn't be a
particularly difficult change, but I'd have to look a bit closer first.

Cheers,

Garming
>
> Yes it could be interesting.
> I want to use it to send the password has an API for other software. I
> currently use the "Store passwords using reversible encryption"
to use
> my API. But I do not like this operation. I then use
> "http://ltb-project.org/wiki/documentation/self-service-password"
with
> the " post hook"
>
> Your patch it allows you also to retrieve the user name ?
>
> Thank you verry much !
>
>
> Le 10/06/2016 10:41, garming at catalyst.net.nz a écrit :
>> Currently the functionality is not implemented in active directory (I
>> also
>> mistakenly thought it was, until I was corrected). Fortunately, I
>> recently
>> implemented it as a result of someone else raising it. It is still
>> lacking
>> some testing and needs some more work to be integrated upstream
however.
>> I
>> should be able to supply the patches I have so far in the next week or
>> so
>> if you're interested.
>>
>> Cheers,
>>
>> Garming
>>
>>
>>> Hi
>>>
>>> Yes,   active directory
>>>
>>> Simon
>>>
>>> Le 10/06/2016 03:37, Garming Sam a écrit :
>>>> Hi,
>>>>
>>>> Are you running Samba active directory?
>>>>
>>>>
>>>> Cheers,
>>>>
>>>> Garming
>>>>
>>>> On 10/06/16 00:28, blog at lesfourmisduweb.org wrote:
>>>>> Hello
>>>>>
>>>>> I Can not run a "check password script" in
smb.conf
>>>>> Somebody can you tell me if this is depecated?
>>>>> I find nothing in the official documentation.
>>>>>
>>>>> Simon
>>>>>
>>>
>>
>
>

Le 10/06/2016 13:12, garming at catalyst.net.nz a écrit
:
> That sounds somewhat out of scope of the original parameter.
A further parameter can he do this function ?
> I would be
> happy to explain how the patches could be modified to send the username
> (possibly as the first argument to the script). It shouldn't be a
> particularly difficult change, but I'd have to look a bit closer first.
I am interested ! Thank you for your help !
Do not hesitate to contact me !

Simon
>
> Cheers,
>
> Garming
>
>> Yes it could be interesting.
>> I want to use it to send the password has an API for other software. I
>> currently use the "Store passwords using reversible
encryption" to use
>> my API. But I do not like this operation. I then use
>>
"http://ltb-project.org/wiki/documentation/self-service-password" with
>> the " post hook"
>>
>> Your patch it allows you also to retrieve the user name ?
>>
>> Thank you verry much !
>>
>>
>> Le 10/06/2016 10:41, garming at catalyst.net.nz a écrit :
>>> Currently the functionality is not implemented in active directory
(I
>>> also
>>> mistakenly thought it was, until I was corrected). Fortunately, I
>>> recently
>>> implemented it as a result of someone else raising it. It is still
>>> lacking
>>> some testing and needs some more work to be integrated upstream
however.
>>> I
>>> should be able to supply the patches I have so far in the next week
or
>>> so
>>> if you're interested.
>>>
>>> Cheers,
>>>
>>> Garming
>>>
>>>
>>>> Hi
>>>>
>>>> Yes,   active directory
>>>>
>>>> Simon
>>>>
>>>> Le 10/06/2016 03:37, Garming Sam a écrit :
>>>>> Hi,
>>>>>
>>>>> Are you running Samba active directory?
>>>>>
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Garming
>>>>>
>>>>> On 10/06/16 00:28, blog at lesfourmisduweb.org wrote:
>>>>>> Hello
>>>>>>
>>>>>> I Can not run a "check password script" in
smb.conf
>>>>>> Somebody can you tell me if this is depecated?
>>>>>> I find nothing in the official documentation.
>>>>>>
>>>>>> Simon
>>>>>>
>>
>

Hi Simon,

Le 10/06/2016 11:12, blog at lesfourmisduweb.org a écrit
:
>
> Yes it could be interesting.
> I want to use it to send the password has an API for other software. I
> currently use the "Store passwords using reversible encryption"
to use
> my API. But I do not like this operation. I then use
> "http://ltb-project.org/wiki/documentation/self-service-password"
with
> the " post hook"
If your need is to have a ssha/cryptsha256/512 hash of the user password 
for third party apps authentication, you may take a look at the patch of 
metze [1], it seems to do just that.

Cheers,

Denis

[1] 
https://lists.samba.org/archive/samba-technical/2016-February/112300.html

>
> Your patch it allows you also to retrieve the user name ?
>
> Thank you verry much !
>
>
> Le 10/06/2016 10:41, garming at catalyst.net.nz a écrit :
>> Currently the functionality is not implemented in active directory (I
>> also
>> mistakenly thought it was, until I was corrected). Fortunately, I
>> recently
>> implemented it as a result of someone else raising it. It is still
>> lacking
>> some testing and needs some more work to be integrated upstream
>> however. I
>> should be able to supply the patches I have so far in the next week or
so
>> if you're interested.
>>
>> Cheers,
>>
>> Garming
>>
>>
>>> Hi
>>>
>>> Yes,   active directory
>>>
>>> Simon
>>>
>>> Le 10/06/2016 03:37, Garming Sam a écrit :
>>>> Hi,
>>>>
>>>> Are you running Samba active directory?
>>>>
>>>>
>>>> Cheers,
>>>>
>>>> Garming
>>>>
>>>> On 10/06/16 00:28, blog at lesfourmisduweb.org wrote:
>>>>> Hello
>>>>>
>>>>> I Can not run a "check password script" in
smb.conf
>>>>> Somebody can you tell me if this is depecated?
>>>>> I find nothing in the official documentation.
>>>>>
>>>>> Simon
>>>>>
>>>
>>
>
>
-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr

interesting !
Let me take a closer look at that.

I must send passwords in Office 365 and Google Apps.
Currently, My script works but it requires that Samba is configured with 
the "Plain text Password" option. I want to change that.

"Check password script" could solve my problem.

"http://ltb-project.org/wiki/documentation/self-service-password" with
"
post hook"  solves my problem currently.

I wish I use it like this :
Check password script = /script/scriptpassword.sh %U

I will also see what offers me the patch of Garming Sam.

Simon https://blog.lesfourmisduweb.org



Le 16/06/2016 19:48, Denis Cardon a écrit :
> Hi Simon,
>
> Le 10/06/2016 11:12, blog at lesfourmisduweb.org a écrit :
>>
>> Yes it could be interesting.
>> I want to use it to send the password has an API for other software. I
>> currently use the "Store passwords using reversible
encryption" to use
>> my API. But I do not like this operation. I then use
>>
"http://ltb-project.org/wiki/documentation/self-service-password" with
>> the " post hook"
>
> If your need is to have a ssha/cryptsha256/512 hash of the user 
> password for third party apps authentication, you may take a look at 
> the patch of metze [1], it seems to do just that.
>
> Cheers,
>
> Denis
>
> [1] 
> https://lists.samba.org/archive/samba-technical/2016-February/112300.html
>
>
>>
>> Your patch it allows you also to retrieve the user name ?
>>
>> Thank you verry much !
>>
>>
>> Le 10/06/2016 10:41, garming at catalyst.net.nz a écrit :
>>> Currently the functionality is not implemented in active directory
(I
>>> also
>>> mistakenly thought it was, until I was corrected). Fortunately, I
>>> recently
>>> implemented it as a result of someone else raising it. It is still
>>> lacking
>>> some testing and needs some more work to be integrated upstream
>>> however. I
>>> should be able to supply the patches I have so far in the next week
>>> or so
>>> if you're interested.
>>>
>>> Cheers,
>>>
>>> Garming
>>>
>>>
>>>> Hi
>>>>
>>>> Yes,   active directory
>>>>
>>>> Simon
>>>>
>>>> Le 10/06/2016 03:37, Garming Sam a écrit :
>>>>> Hi,
>>>>>
>>>>> Are you running Samba active directory?
>>>>>
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Garming
>>>>>
>>>>> On 10/06/16 00:28, blog at lesfourmisduweb.org wrote:
>>>>>> Hello
>>>>>>
>>>>>> I Can not run a "check password script" in
smb.conf
>>>>>> Somebody can you tell me if this is depecated?
>>>>>> I find nothing in the official documentation.
>>>>>>
>>>>>> Simon
>>>>>>
>>>>
>>>
>>
>>
>