I found this one https://lists.samba.org/archive/samba/2015-September/194133.html It's a good point of start. thank you rowland. On 20.03.2017 21:37, Rowland Penny via samba wrote:> On Mon, 20 Mar 2017 21:17:00 +0100 > basti via samba <samba at lists.samba.org> wrote: > >> I need the unix password for mail. the user should not be able to >> change this, if win* password is changed. > Most Linux mailservers should be able to authenticate with the AD > password, but I suppose you could use the Unix password. > >> In the wiki i have read that you should not mix RSAT and samba-tool >> management, thats why i ask. > Where does it say this ? > >> is there a way to set a unix password after a domain user is created? >> > I think you are going to have to write your own script around > ldbmodify/ldapmodify and the unixUserPassword attribute > > Rowland > >
Hello, as is the link I have set a unix password. add: unixUserPassword unixUserPassword: ABCD!efgh12345$67890 # dummy unix password that ADUC gives to all Unix users But I can't login with this pass. Is this password clear-text? must it be a hash? Is there a way to config winbind to use this ldap attribute? Basti On 20.03.2017 22:10, basti via samba wrote:> I found this one > https://lists.samba.org/archive/samba/2015-September/194133.html > It's a good point of start. > thank you rowland. > > > On 20.03.2017 21:37, Rowland Penny via samba wrote: >> On Mon, 20 Mar 2017 21:17:00 +0100 >> basti via samba <samba at lists.samba.org> wrote: >> >>> I need the unix password for mail. the user should not be able to >>> change this, if win* password is changed. >> Most Linux mailservers should be able to authenticate with the AD >> password, but I suppose you could use the Unix password. >> >>> In the wiki i have read that you should not mix RSAT and samba-tool >>> management, thats why i ask. >> Where does it say this ? >> >>> is there a way to set a unix password after a domain user is created? >>> >> I think you are going to have to write your own script around >> ldbmodify/ldapmodify and the unixUserPassword attribute >> >> Rowland >> >> > >
Rowland Penny
2017-Mar-30 09:36 UTC
[Samba] Fwd: Re: Samba AD Manage User, set unix passwd
On Thu, 30 Mar 2017 11:14:40 +0200 basti via samba <samba at lists.samba.org> wrote:> Hello, as is the link I have set a unix password. > > add: unixUserPassword > unixUserPassword: ABCD!efgh12345$67890 # dummy unix password that ADUC > gives to all Unix users > > But I can't login with this pass. Is this password clear-text? must it > be a hash? > Is there a way to config winbind to use this ldap attribute? >You didn't actually use 'ABCD!efgh12345$67890' as the password ? It is, as it says, a dummy password and if you add the Unix attributes with ADUC, this is what you get for every user. You will need to supply the password in what ever way the service you are going to use it for requires i.e. SSHA You will also need to tell what ever service it is, how to get the password If Dovecot is involved, you can set this up to use the users AD password. Rowland