[Samba] sambar4: user creation with ldap and initial password

Thomas Mueller thomas at chaschperli.ch
Thu Nov 1 06:44:05 MDT 2012


trying to create a user with ldap from a remote server. The user is 
created successfully. I'm failing setting the initial password.

Setting the unicodePwd with kerberos administrator credentials with 
ldbmodify and the ldif below results in "00002035: setup_io: it's not 
allowed to set the NT hash password directly". 

searching the web I've found s4 mailinglist entries telling "do not set 
unicodePwd with ldap".  this KB article tells in AD it's possible to set 
it:  http://support.microsoft.com/kb/263991/en-us 

Is there a supported method to supply the initial user password with s4 
and ldap?

- Thomas

dn: CN=Thomas Mueller,OU=Users,DC=test,DC=testing
changetype: modify
replace: unicodePwd
unicodePwd:: $IlRlc3QxMjMtLSIK

More information about the samba mailing list