[Samba] Win2k Password Hash
Robert Rati
Robert.Rati at motorola.com
Mon Nov 10 23:26:51 GMT 2003
I posted this earlier, but never saw it show up in the mailing list so
I'm posting it again.
I have a Samba 3.0 PDC using LDAP as it's password database backend, but
I can't get a user to log on to a Win2k machine on the domain. In the
log file for the PC (on the Samba machine), I see that the user is found
in the LDAP backend but that getpwnam failed. The username does not
exist on the Linux machine in any form. These usernames are ment to be
for Windows only (at this time anyway). I set log level at 5 and tried
again and I see that the Lanman and NT password checks fail. I used the
mkntpwd that comes with samba 3.0 to create the passwords I put in the
LDAP database, but obviously I've done something wrong. Is the mkntpwd
program supposed to be for NT4.0 machines? Does Win2k use a different
password algorithm? The entries in the LDAP database for a user have
these fields:
sambaLMPassword: <1st hash from mkntpwd>
sambaNTPassword: <2nd hash from mkntpwd>
Should I have something preceeding the passwords in the LDAP database
(like {SSHA})? Any help on this would be much appreciated.
Rob
More information about the samba
mailing list