Extracting the trust account password (for use with Win2k's ktpass)?

[Matthew X. Economou]

Hello, all:

My Samba server is a member of a Windows 2000 AD domain.
Authentication to the Samba server is, of course, by encrypted NTLM
hashes.  Authentication to the host itself, which runs Red Hat Linux
7.1, is by NIS (the AD domain controller is running Server for NIS).
I want to remove NIS (or at least the passwords from NIS).  To
accomplish this, I wish to use pam_krb5 to authenticate users logging
into the host itself.

In order to configure pam_krb5, I need to create and export a service
key for "host/host.domain at DOMAIN" using ktpass (on the domain
controller).  This key is installed into /etc/krb5.keytab on the Linux
box and is used by the PAM module.  pam_krb5 will not function without
this service key.

The ktpass utility prompts for the password of the machine account and
sets the Kerberos DES key using it.  I want to use the machine
account's existing password, as set by 'smbpasswd -j', rather than
make a new one up, so I don't screw up the trust relationship.

To that end, I've been hacking around with the pdb_gethexpwd()
function, trying to figure out how to extract the trust account
password from the file /etc/samba/$DOMAIN.$HOST.mac file.
Unfortunately, the output I get has non-ASCII characters in it.  I
really don't know what I'm doing.

Can any one help me extract the trust account password for use with
ktpass?

Kind regards,
#\Matthew

-- 
Matthew X. Economou <xenophon at irtnog.org> - Unsafe at any clock speed!
"We know for certain only when we know little.  With knowlege, doubt
increases." - Goethe