LDAP client requires smbpasswd encrypt tool
Matt Chapman
m.chapman at student.unsw.edu.au
Thu Jan 7 06:12:18 GMT 1999
Alan Knowles wrote:
> I am developing an open source PHP web based LDAP navigation/editor tool
> at present, and would like to add samba support - eg. the samba
> objectclasses.
Great! Remember however that all of this is still classified as 'experimental',
and is also subject to expansion as the NT domains functionality progresses.
> You have discussed the schema in the list so I have a
> number of questions
>
> Is there a repositry of the 'finalised???' schema?
Currently the sambaUser objectclass looks like this:
objectclass sambaUser
requires
objectClass
uid
uidNumber
ntuid
rid
allows
gidNumber
grouprid
acctFlags
lmPassword
ntPassword
pwdLastSet
pwdCanChange
pwdMustChange
cn
description
smbHome
homeDrive
script
profile
workstations
logonTime
logoffTime
kickoffTime
> I did consider grabbing all the sources and modifying smbpasswd so it
> only prints the line that it would add to the smbpasswd file. but since
> my C is a little rusty I was hoping that someone else might have done
> this. either that or is there an easier way of generating the password
> in Perl/PHP? - neither seem to have libraries for MD4 encryption!!. and
> I could not gather how the program generates the 2 different encrypted
> data pieces.
As I understand it the NT hash uses MD4 while the LM hash is some type of DES
hash. I suggest the best strategy is to call smbpasswd (probably with -s: use
stdin for password prompt) from your script to do the actual password change.
Matt
--
Matt Chapman
m.chapman at student.unsw.edu.au
More information about the samba-technical
mailing list