SMB bulk add utility

Andrew Bartlett abartlet at
Tue Sep 18 01:46:41 GMT 2007

On Mon, 2007-09-17 at 20:21 -0500, Christopher R. Hertel wrote:
> Peter,
> The raw password is needed in order to generate the hashes used for Windows
> authentication.  If kerberos is supported then there may be an option, but
> for NTLM or NTLMv2 authentication you'll need the NTLM hash.  If that's not
> already in eDirectory, then you'll need to generate it and it can only be
> generated from the original password.
> That's the nature of security systems.  You shouldn't be able to get the raw
> password out of the system.  It should only ever go in (and be destroyed
> after it is used).

Happily (?) eDirectory stores a 'universal password' (being the
plaintext), which Samba can obtain, if you have recent versions of both.

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list