search for: virtualcleartextutf8

...tool user getpassword --decrypt-samba-gpg are different. Do the returned values need to be decoded ? I'm using Samba 4.5.1 on CentOS 7 with gpgme-devel and pygpgme installed. The plaintext password for this is Hdg43hj5 samba-tool user getpassword username --attributes=virtualClearTextUTF16,virtualClearTextUTF8,virtualSambaGPG,unicodePwd --decrypt-samba-gpg dn: CN=username,CN=Users,DC=ad,DC=example,DC=com unicodePwd:: +kiiRa+tFYsnUIb+ABlZdQ== virtualClearTextUTF16:: SABkAGcANAAzAGgAagA1AA== virtualClearTextUTF8:: SGRnNDNoajU= virtualSambaGPG:: LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tClZlcnNpb246IEdudVBHIHYy...

...The code was written for python2 and needs >updating to python3 Yes, but as i explained before, we managed to make it work since almost a thousand days in a row ? THe ldb cache is initialized with: samba-tool user syncpasswords --cache-ldb-initialize --attributes=virtualSSHA,samaccountname,virtualClearTextUTF8 --script=/opt/syncpwd.py --decrypt-samba-gpg We originally modified a bit the script to retrieve the virtualClearTextUTF8 value of the password, then decode it in base64 , re encode it in md4 and send it to remote LDAP server. This worked like a charm. Nothing has been modified or updated on the...

[Clearly, this question is intimately connected to the previous...] I need a way to ''preprocess'' or at least intercept password changes, because i need to propagate them to other ''legacy'' systems. I've looked around and found syncpasswords / getpassword samba-tool commands, but really i've not understood how they work. Seems to me that can be useful in

...d[985]: # Passwords[0] 7d1b0000-b7f7-4fda- 8479-b5cb70a01030 S-1-5-21-1608159440-4144762864-1017073214-15729 # attrs=['dn', 'mail', 'objectGUID', 'objectSid', 'proxyAddresses', 'pwdLastSet', 'sAMAccountName', 'userAccountControl', 'virtualClearTextUTF8'] Fri Oct 4 12:29:52 2019: pid[985]: Call Popen[/usr/local/bin/syncpw.py] for CN=gorkon_klingons,OU=Users,OU=klingons,OU=Organizations,DC=xxxx,DC=xxx ERROR(<class 'TypeError'>): uncaught exception - memoryview: a bytes- like object is required, not 'str' File "/usr...

...rnal system # gpg2 --gen-key # gpg2 --list-keys --keyid-format LONG - add the pub key to "password hash gpg key ids" in smb.conf - configure password script # samba-tool user syncpasswords --script=/some_folder/some_script.py --cache-ldb-initialize --decrypt-samba-gpg --attributes=virtualClearTextUTF8,sAMAccountName # samba-tool user syncpasswords --logfile=/var/log/some_log_file.log --daemon some_script.py receives the username (sAMAccountName) and password (virtualClearTextUTF8) in base64. The script ends with print 'DONE-EXIT: '. Dale

>Where did you get the password sync script from ? Are you aware that >samba-tool now has the facility to do this ? > >Have a look here: > >https://dev.tranquil.it/wiki/SAMBA_-_Synchronisation_des_mots_de_passe_entre_un_Samba4_et_une_OpenLDAP<https://dev.tranquil.it/wiki/SAMBA_-_Synchronisation_des_mots_de_passe_entre_un_Samba4_et_une_OpenLDAP> > >Rowland This is the

...s > >updating to python3 > > Yes, but as i explained before, we managed to make it work since > almost a thousand days in a row ? > > THe ldb cache is initialized with: > > samba-tool user syncpasswords --cache-ldb-initialize > --attributes=virtualSSHA,samaccountname,virtualClearTextUTF8 > --script=/opt/syncpwd.py --decrypt-samba-gpg > > We originally modified a bit the script to retrieve the > virtualClearTextUTF8 value of the password, then decode it in base64 , > re encode it in md4 and send it to remote LDAP server. This worked > like a charm. > > No...

...Users,OU=xxxxx,OU=Organizations,DC=xxxxx,DC=xxxxx proxyAddresses: SMTP:xxxxx.xxxxx at xxxxx.org objectGUID: 637f4e70-8c1e-4e89-a6fc-82d525e584f2 pwdLastSet: 0 objectSid: S-1-5-21-1608159440-4144762864-1017073214-27184 sAMAccountName: userxxxx mail: xxxxx.xxxxx at xxxxx.xxxxx userAccountControl: 514 virtualClearTextUTF8:: S2VubndvcnQx root at probe28:~# root at probe28:~# root at probe28:~# root at probe28:~# cat test.dat | /usr/local/bin/syncpw.py DONE-EXIT: change password to userxxxx root at probe28:~# Am Freitag, den 04.10.2019, 13:53 +0100 schrieb Rowland penny via samba: > On 04/10/2019 12:03, Hein...

...0] 7d1b0000-b7f7-4fda- > 8479-b5cb70a01030 S-1-5-21-1608159440-4144762864-1017073214-15729 > # attrs=['dn', 'mail', 'objectGUID', 'objectSid', 'proxyAddresses', > 'pwdLastSet', 'sAMAccountName', 'userAccountControl', > 'virtualClearTextUTF8'] > Fri Oct 4 12:29:52 2019: pid[985]: Call > Popen[/usr/local/bin/syncpw.py] for > CN=gorkon_klingons,OU=Users,OU=klingons,OU=Organizations,DC=xxxx,DC=xxx > ERROR(<class 'TypeError'>): uncaught exception - memoryview: a bytes- > like object is required, not 's...