sambaPasswordHistory LDAP Attrinbute

Shahms King shahms at
Fri Nov 5 21:26:44 GMT 2004

On Fri, 2004-11-05 at 14:36 -0500, Jared Rich wrote:
> That does not seem to work for me.
> For a password of "password", this is what shows in sambaPasswordHistory:
> 8E36265C3B44B640CCB365040DE68E5A 4BF09D61C23AB4A0CC9D1866E1C69191
> I added the space between the 2 16 byte values for clarity.  I got the MD4
> hash of the unicode version of "password" by running this:
> mkntpwd -N password
> that retuned:  8846F7EAEE8FB117AD06BDD830B7586C

So far so good.

> so, if I run: mkntpwd -N
> 8E36265C3B44B640CCB365040DE68E5A8846F7EAEE8FB117AD06BDD830B7586C
> which is mkntpwd -N [1st 16 bytes in sambaPasswordHistory+value from mkntpwd
> -N password]
> I should get the 2nd 16 byte value in sambaPasswordHistory...  but I don't.

No, you shouldn't.  First of all, mkntpwd uses MD4, not MD5.  Secondly,
both hash functions work on bytes and the strings you're passing are the
hex values of the byte arrays you should be using.

> was that supposed to say MD5 in your last post?? I did tried both MD4 and MD5
> just to check, but nither gave me the right result.

Yeah, it is md5

> What am I doing wrong here?
> Jared

Here's a short Python snippet that gets the right values:

import md5
import struct

def getbytes(string):
  bytes = [int(string[i:i+2], 16) for i in xrange(0, len(string), 2)]
  return struct.pack("%iB" % len(bytes), *bytes)

# taken from sambaPasswordHistory value
salt = getbytes("8E36265C3B44B640CCB365040DE68E5A")
# taken from mkntpwd -N password
passwd = getbytes("8846F7EAEE8FB117AD06BDD830B7586C")

print md5.md5(salt + passwd).hexdigest().upper()

Shahms E. King <shahms at>
Multnomah ESD

Public Key:
1612 054B CE92 8770 F1EA  AB1B FEAB 3636 45B2 D75B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list