[Samba] Synchronisation using LDAP

Ryan Bair ryandbair at gmail.com
Mon Jul 5 10:16:13 MDT 2010

It looks like the new sync module also supports SHA1 and MD5 hashed passwords.

"To synchronize passwords from LDAP, you will need an LDAP attribute that stores
passwords in plain text, MD5 or SHA1 format. "

Not sure if Samba4 stores in these formats or not though...

On Mon, Jul 5, 2010 at 3:28 AM, Jorijn Schrijvershof <jorijn at jorijn.com> wrote:
> Hi,
> On Mon, Jul 5, 2010 at 9:03 AM, Michael Wood <esiotrot at gmail.com> wrote:
>> Hi
>> Sorry, I accidentally did not send my initial reply to the list.
>> I am not sure this will be possible unless you use plain text
>> passwords because I believe Windows uses its own hashing algorithms.
>> I don't know anything about Google's LDAP server/schema, but if you
>> authenticate as an admin user I think you should be able to access the
>> passwords.  You might need to fiddle with the access control settings
>> if you have access to that.
>> --
>> Michael Wood <esiotrot at gmail.com>
> Thanks for your reply, I don't mind using plain text passwords, I tend to
> protect the database carefully and syncronisation is a must, since we're
> deploying google apps to all our users. When logging in with the built in
> administrator the passwords attributes seems empty (userPassword,
> unicodePwd, etc.). Any ideas?
> --
> Jorijn Schrijvershof
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list