ldap base transfer (not samba3 + ldap) in samba4

Marc Muehlfeld samba at marc-muehlfeld.de
Tue Apr 30 12:17:53 MDT 2013

Hello Alexandr,

Am 26.04.2013 16:23, schrieb Alexandr Kuznecov:
> if I by means of the control panel from microsoft on the Active Directory control
> change the password, the user can become authorized and work. I would
> accept also such option, BUT! I have 695 users and to everyone to change
> the password and then to recustomize all connections will take a lot of
> time and heavy losses in connection with impossibility of users to perform
> the work.

As Matthieu already wrote, unixPassword is not the one Samba uses.

But you can generate a random password, set it with samba-tool and mail 
it to the users with a short script. Something like:

while read USERNAME ; do

    RAND="$(cat /dev/urandom | tr -dc A-Za-z0-9\-\. | head -c 10)

    MAILADR="$(ldapsearch ..... -x mail | grep ....)"

    samba-tool user setpassword --filter=samaccountname=$USERNAME 

    echo "Use the following new password for your network logon: $RAND" 
| mail -s "New password information" $MAILADR


If you authenticate the users mail against this domain, then you can 
just generate the mails with a message, that this would be the new 
password after day x and store the new password in a file. Then on day x 
you set the passwords with a loop by reading the password file.


More information about the samba-technical mailing list