[Samba] Retrieve winbind machine password

Andrew Bartlett abartlet at samba.org
Sun Oct 22 01:43:47 UTC 2023


On Sat, 2023-10-21 at 11:41 +0200, Kees van Vloten via samba wrote:
> Hi Team,
> 
> 
> I am currently looking into enterprise wifi with the machine account. I 
> did find some clues on the internet but the piece that is missing is the 
> password of the machine account.
> 
> Is it possible for user root to extract that password in clear text 
> from the secrets database where winbind has stored it?
> 
> /var/lig/samba/private/secrets.tdb  seems to contain the info and 
> tdbdump can output it, but some more decoding is needed before it can be 
> used in the NetworkManager configuration. What are the commands to get 
> that done?

People used to do this with tools that read that DB, which is of course
possible, but we have this script:


 ./source4/scripting/bin/machineaccountpw

Note that the password is very random these days.

But please do be aware that MSCHAPv2 is still NTLMv1 under the hood. 
Better than plaintext if you have the certificate checking done
properly, but if you can do real certificates, do that!

Andrew
-- 
Andrew Bartlett (he/him)        https://samba.org/~abartlet/
Samba Team Member (since 2001)  https://samba.org
Samba Developer, Catalyst IT    https://catalyst.net.nz/services/samba
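
Added example, not part of the original message and not Samba code: a small Python check for the certificate-checking caveat in the reply above. It reads a NetworkManager keyfile and flags a PEAP/TTLS + MSCHAPv2 profile that lacks a CA trust anchor or a server-name constraint. The sample keyfiles, hostnames and paths are constructed placeholders.

```python
import configparser

# Constructed NetworkManager keyfile fragment (hypothetical names and paths).
WEAK = """
[wifi-security]
key-mgmt=wpa-eap

[802-1x]
eap=peap;
identity=host/host1.example.com
phase2-auth=mschapv2
password=<machine-account-password>
"""

# Same profile with the RADIUS server pinned to a CA and an expected name.
HARDENED = WEAK + """ca-cert=/etc/ssl/certs/example-radius-ca.pem
domain-suffix-match=radius.example.com
"""

TRUST_KEYS = ("ca-cert", "ca-path")
NAME_KEYS = ("domain-suffix-match", "domain-match",
             "altsubject-matches", "subject-match")


def audit_8021x(keyfile_text):
    """Return findings for a tunnelled MSCHAPv2 profile; [] if none apply."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(keyfile_text)
    if not cp.has_section("802-1x"):
        return []
    s = cp["802-1x"]
    # "eap" is a semicolon-separated list in keyfile syntax.
    methods = {m.strip().lower() for m in s.get("eap", "").split(";") if m.strip()}
    inner = s.get("phase2-auth", "").strip().lower()
    if not (methods & {"peap", "ttls"}) or inner != "mschapv2":
        return []
    findings = []
    anchored = any(s.get(k, "").strip() for k in TRUST_KEYS) \
        or s.get("system-ca-certs", "").strip().lower() == "true"
    if not anchored:
        findings.append("no-trust-anchor")          # any server cert is accepted
    if not any(s.get(k, "").strip() for k in NAME_KEYS):
        findings.append("no-server-name-check")     # any cert from that CA is accepted
    return findings


if __name__ == "__main__":
    print("weak:", audit_8021x(WEAK))
    print("hardened:", audit_8021x(HARDENED))
```
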