password hash patches
Matthias Dieter Wallnöfer
mdw at samba.org
Sun Jun 6 14:36:17 MDT 2010
Hi ekacnet,
Matthieu Patou wrote:
> Hello mathias,
>
> I found that's not possible (anymore ?) to the hash of a password
> unless this control is set:
> DSDB_CONTROL_PASSWORD_HASH_VALUES_OID.
Exactly.
> Do you have unit tests that verify this behavior ? searching the code
> I didn't saw much place where this OID is used.
No, there don't exist external unit tests since this control should be
really kept private.
> Also the question is how you can set it from the command line or from
> python ?
> Is it done on purpose ? if so how upgradeprovision how can it set the
> unicodePwd field (to "upgrade" the msDs-KeyVersionNumber value).
Do you really need to set the password through hashes? At the moment the
"samdb_set_password" call is the only one place where we use this
control from. But it is intentional that you can't access it directly
from Python.
A way around would be to deactivate the module stack or the
passwords_hash module for a moment to set directly "unicodePwd".
Matthias
More information about the samba-technical
mailing list