Syncning passwords from MIT Kerberos to Samba 3?
Steve Gaarder
gaarder1 at math.cornell.edu
Thu Dec 8 09:30:23 MST 2011
In the process of figuring out how to import passwords from MIT Kerberos
to Samba4's Heimdal, I learned that the arcfour-hmac-md5 kerberos key is
the same as the Windows NT password hash. So it would seem that I can
just decrypt and extract that key and put it in the smbpassswd file or
tdbsam database. I tried it and it seems to work. Of course, there is no
valid LANMAN password, but that's not an issue since I don't have any old
clients. Are there any other gotchas?
thanks,
--
Steve Gaarder
System Administrator, Dept of Mathematics
Cornell University, Ithaca, NY, USA
gaarder at math.cornell.edu
More information about the samba-technical
mailing list