search for: _dn

Hi, Thank you for this answer, unfortunately I was not able to re-hash password as they are hashed into LDB database. First I retrieved the hash: ldbsearch -H $sam '(cn=some user)' unicodePwd # record 1 dn: CN=some user,OU=Users Management,DC=ad,DC=example,DC=com unicodePwd:: COwwLgiqqaHRyhy4HxWp4A== This "unicodePwd" attribute comes from a quick search into "user"

...t; Ah but what goes in is not necessarily what you think! I have a bash script to create a user, it has this line: UNICODEPWD=$(echo -n "\"$_USER_PW\"" | iconv -f UTF-8 -t UTF-16LE | base64 -w 0) The user is then created from a ldif and at the bottom of the ldif is this: $_DN changetype: modify replace: unicodePwd unicodePwd::$UNICODEPWD" The whole idea is that it is very difficult to decode the AD users password, on a windows DC you cannot obtain the users password, you seemingly can only obtain it on a samba4 DC by acting directly on the .ldb file. I suppose...