[Samba] Samba4: programmatic account creation via LDAP (unicodePwd)

Andrew Bartlett abartlet at samba.org
Mon Apr 6 04:39:46 GMT 2009

On Tue, 2009-02-24 at 23:44 -0600, James R. Leu wrote:
> Hello,
> I've started working with samba4-alpha6.  I've been successful
> in setting up an AD with an openldap backend.  I'm now
> shifting my focus to how I would go about migrating to
> a samba4 setup from a microsoft AD implementation.
> To that end I've written a perl script that uses Net::LDAP
> to create users in the samba4 LDAP backend.  I can create
> the user in such a way that samba4 is happy with it, but
> I'm unable to set an initial password for the user.
> I've tried using a template user that has a known password
> and then duplicating that users nTSecurityDescriptor, but that
> doesn't seem to work.  I've tried creating a unicodePwd entry
> with the following code:
>     my $charmap = Unicode::Map8->new('latin1') or die $!;
>     my $unipwd = $charmap->tou(qq{"$passwd"})->byteswap()->utf16();
> But that doesn't seem to work either.
> I was wondering if anyone working with samba4 could recommend
> a way to create users programmatically.  If a mechanism does not
> exist, perhaps someone could point me in the right direction to
> add the necessary hooks to samab4 to allow it.

This should now work in Samba4, thanks to work to get Windows 7 to join
the domain.

We also support an extension:  You may set 'userPassword' with a utf8
password, rather than the silly UCS2 in quotes format of unicodePwd.

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20090406/be999ac7/attachment.bin

More information about the samba mailing list