[Samba] Copy Passwords from Active Directory to Samba

Charles McLaughlin cmclaughlin at ucdavis.edu
Wed May 4 16:29:59 GMT 2005


I'm posting this for the sake of the archives...

I ended up up dumping the passwords from AD using pwdump2.exe found here:
http://www.bindview.com/Services/RAZOR/Utilities/Windows/pwdump2_readme.cfm

I couldn't get 'net vampire' to work (I didn't try that hard) and MS 
doesn't allow AD passwords to be retrieved via LDAP.

Charles

On 04/14/2005 04:14 PM, John H Terpstra wrote:
> On Thursday 14 April 2005 16:42, Charles McLaughlin wrote:
> 
>>Hello,
>>
>>I'm migrating from Windows 2003 Active Directory to a Samba 3 PDC and
>>would like to avoid recreating passwords for all of my users.  Is it
>>possible to copy the Windows user accounts or just the passwords from
>>the Windows box to Samba?
>>
>>I've read about the pwdump.exe tool, but can't find any reports of it
>>working on Windows 2003 and am not sure if Active Directory stores
>>passwords in the same manner as NT.  Can anyone confirm this?
>>
>>I'm using a tdbsam password backend.  Even if I can extract the
>>passwords from Windows, how can I add the pre-hashed password to the
>>tbsam database?
> 
> 
> Have you tried the 'net rpc vampire' approach? I have not and do not know if 
> it works. My question is shot from the hip.
> 
> The other possiblility is to do an LDAP dump of the ADS directory, then rework 
> the data into a valid OpenLDAP LDIF file. That is a method that does work, at 
> least for getting the directory contents.
> 
> - John T.


More information about the samba mailing list