thr3ads.net - samba - [Samba] SambaNTPassword [Feb 2024]

If this information is useful, please help other people find it:
Share via:

Ute Korn

2024-Feb-13 14:10 UTC

[Samba] SambaNTPassword

Hello

It is possible to use the userpassword attribute in LDAP for Samba Clients
passwords instead of SambaNTPassword?
And it is possible, that the password isn?t crypted. On the LDAP Server runs an
saslautd daemon, which will only use the userpassword Atrribut in LDAP.

Kind regards Ute

Rowland Penny

2024-Feb-13 16:40 UTC

head link

[Samba] SambaNTPassword

On Tue, 13 Feb 2024 15:10:59 +0100
Ute Korn via samba <samba at lists.samba.org> wrote:
> Hello
> 
> It is possible to use the userpassword attribute in LDAP for Samba
> Clients passwords instead of SambaNTPassword? And it is possible,
> that the password isn?t crypted. On the LDAP Server runs an saslautd
> daemon, which will only use the userpassword Atrribut in LDAP.
> 
> Kind regards Ute
> 
>  
You can populate the userpassword attribute with a plain password, but,
as far as I am aware, there is nothing to sync it with the users active
directory password.

Surely there is someway to authenticate by Active directory or kerberos
?

What are you trying to authenticate ? Perhaps someone can point you in
the right direction.

Rowland

Andrew Bartlett

2024-Feb-13 19:26 UTC

head link

[Samba] SambaNTPassword

On Tue, 2024-02-13 at 15:10 +0100, Ute Korn via samba
wrote:> Hello
> 
> It is possible to use the userpassword attribute in LDAP for Samba
> Clients passwords instead of SambaNTPassword?
> And it is possible, that the password isn?t crypted. On the LDAP
> Server runs an saslautd daemon, which will only use the userpassword
> Atrribut in LDAP.
No, you would need to syncronise between the two incompatible password
hashes. 

Also please note, you are using Samba's older NT4-like domain
controller, and need to move to the AD DC for continued support.

That technology only lives on by the fact that our tests cover some of
it and that some components are used by other things (like FreeIPA). 

Andrew Bartlett


-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead                https://catalyst.net.nz/services/samba
Catalyst.Net Ltd

Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
company

Samba Development and Support: https://catalyst.net.nz/services/samba

Catalyst IT - Expert Open Source Solutions

samba - Feb 2024 - SambaNTPassword

[Samba] SambaNTPassword

[Samba] SambaNTPassword

[Samba] SambaNTPassword