[Samba] Re: Yet Another LDAP Question

[Ryan Novosielski]

What you CAN do is use PAM_smbpass, with the migrate flag, and migrate all
of the UNIX passwords this way. This way, when a user logs in via UNIX or
Samba, their password makes it into the Samba password file. You never
actually have to turn on password encryption via smbpasswd, 'far as I
know, but this will give you a list of NT hashes to work with to then
convert.

Does this help at all?

---- _  _ _  _ ___  _  _  _
|Y#| |  | |\/| |  \ |\ |  |  | Ryan Novosielski - Jr. UNIX Systems Admin
|$&| |__| |  | |__/ | \| _|  | novosirj at umdnj.edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630

On Mon, 26 Apr 2004, Michal Kurowski wrote:

> Paul Gienger [pgienger at ae-solutions.com] wrote:
> > I believe the README is out of date.  Their website says that something
> > like .80 and up work on 3.x.  I have used .84 to populate a 3.0.2 server
> > just fine making only configuration changes like server locations,
> > containers, and domain SID.  I did have to hack one script for my
> > purposes, but that was only because my primary ldap server is over a
> > greater-latency-than-local-lan link and replication takes a couple seconds.
> >
>
> It relates to my last question: is there any way to for unix->NT
> password conversion ?
>
> I need to create ntAccounts from my shadow passwords (crypt-ed) in the
> Ldap server. It seems there's no supported way but two problems emerge
> in here:
>
> 1) you have to ask lots of people to type their passwords again
> 2) you have no control maintain same password policy
>
> Cheers,
>
> --
> Michal Kurowski
> perl -e '$_=q#: 13_2: 12/o{>: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m m::#;
> y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>