[Samba] smb + ldap: changing passwords from windows: SSHA instead of CRYPT

Pablo Chamorro C. pchamorro at ingeominas.gov.co
Tue Nov 7 16:24:51 GMT 2006

Dear friends,

We have samba-3.0.21c-1 under RH9 + openldap 2.3.11 under FC4.  When a 
windows user changes his password using Ctrl-Alt-Del the password is 
stored on ldap in SSHA format but we need to work with CRYPT because we 
have some apps that don't support SSHA.

These are the lines related with authentication defined in smb.conf:

   encrypt passwords = yes
   ldap passwd sync = Yes

   passwd program = /usr/local/sbin/smbldap-passwd -u %u
   passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
   passdb backend = ldapsam:ldap://ldapserver.ingeominas.gov.co/

and this is the setup in smbldap.conf:

# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)

So, I don't know why windows is changing the password in SSHA format.

I appreciate your help.

Pablo Chamorro

Tel: +57 (2) 7314752/3222/2595 - Fax: +57 (2) 7310514
Carrera 31 #18-07 Parque Infantil - PO Box 1795 - Pasto

More information about the samba mailing list