[Samba] Samba <--> AD password sync

Ilia Chipitsine ilia at paramon.ru
Sun Jan 30 14:14:08 GMT 2005


Dear Sirs,

I want to duplicate users from samba to AD. One-to-one convertion, nothing 
complicated.

The problem is: password synchronization. AD allows LDAP connection and 
there is even special attribute for storing password (unicodePwd), that 
attribute cannot be read, but can be written under some circumstances:


http://www.jsiinc.com/SUBM/tip6000/rh6088.htm


I cannot figure out what to do, because that attribute must be written in 
clear, not NT/LM hash.

Any idea how to syncronize password between samba and AD ?
Or maybe any idea how to make AD go to samba and ask samba to authenticate 
users ?

Cheers,
Ilia Chipitsine


More information about the samba mailing list