Forcing plaintext password storage for Samba 4

Andrew Bartlett abartlet at
Wed Nov 10 04:26:02 MST 2010

On Wed, 2010-11-10 at 12:20 +0100, Angelos Oikonomopoulos wrote:
> On 11/10/2010 10:27 AM, Stefan (metze) Metzmacher wrote:
> > Hi Angelos,
> Hello Stefan,

> Would a program that can dump user passwords be welcome as part of 
> samba4? I think it would be too much of a hack. Perhaps it's a better 
> idea to add an option to store the plaintext password in a 
> samba-specific custom field?

I think both would be quite good ideas.  We would simply store the
plaintext in userPassword, as it is an existing attribute in the schema.
(to do so properly with replication from Windows, a module below
replPropertyMetaData would need to intercept the writes to the blob, and
read the password out and store it as UTF8). 

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list