LDAP Synchronization
Robert Colquhoun
robert.colquhoun at gmail.com
Sun Jun 17 07:42:04 MDT 2012
On Sun, Jun 17, 2012 at 4:20 PM, Robert Colquhoun
<robert.colquhoun at gmail.com> wrote:
> Looking at source it seems to want the value
> "DSDB_CONTROL_PASSWORD_HASH_VALUES_OID" value enabled somehow, not
> sure how to do this.
Ok can enable the above with the "--controls" flag to ldpmodify, ie
modifying previous example:
....
sam_file = "/usr/local/samba/private/sam.ldb"
user_dn = "Robert Colquhoun,CN=Users,DC=bleh,DC=example,DC=com,DC=au"
ldap_samba_nt_password = "1234567890ABCDEF1234567890ABCDEF"
b64_hash = base64.b64encode(binascii.a2b_hex(ldap_samba_nt_password))
cmd = """ldbmodify -H %s --controls=local_oid:1.3.6.1.4.1.7165.4.3.12:0 <<EOF
dn: %s
changetype: modify
replace: unicodePwd
unicodePwd:: %s
EOF
""" % (sam_file, user_dn, b64_hash)
subprocess.call(cmd, shell=True)
...and it sets correctly!
Took all weekend to work out :( Am guessing i am not supposed to be
doing this kind of operation.
I have also had a handful of other issues getting samba 4 working, are
they supposed to be reported here?
ie Adding users to groups:
# samba-tool group addmembers accounts "User account that doesnt exist"
Added members to group accounts
More information about the samba-technical
mailing list