s4: Let the "setpassword" script finally use the "samdb_set_password" routine

Matthias Dieter Wallnöfer mwallnoefer at yahoo.de
Wed Sep 9 11:17:28 MDT 2009

Hi Andrew!

I wanted to achieve that the "setpassword" tool uses the 
"samdb_set_password" call so at least it should enforce now the password 
Regarding "userPassword": on Windows Server 2003 I set it to a certain 
value (hash) but wasn't able to login afterwards with it. Are you sure 
that this attribute is also used for saving the login password?


Andrew Bartlett schrieb:
> On Mon, 2009-09-07 at 15:05 -0500, Matthias Dieter Wallnöfer wrote:
>> commit fdd62e9699b181a140292689fcd88a559bc26211
>> Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
>> Date:   Wed Aug 19 12:37:11 2009 +0200
>>     s4: Let the "setpassword" script finally use the "samdb_set_password" routine
>>     The "setpassword" script should use the "samdb_set_password" call to change
>>     the NT user password. Windows Server tests show that "userPassword" is not the
>>     right place to save the NT password and does not inherit the password complexity.
> What version of Windows did you test with here?
> What is the behaviour you saw?
> In any case, I'm willing to deviate from Windows here, to have
> userPassword set the user's AD password.  We also use it in the
> provision scripts, and it will make unix interop much easier. 
> Andrew Bartlett

More information about the samba-technical mailing list