[Samba] Samba 4 LDAP NTLM password nightly injection
Andrew Bartlett
abartlet at samba.org
Wed Mar 27 16:18:15 MDT 2013
On Tue, 2013-03-26 at 11:10 -0400, Luc Lalonde wrote:
> Hello Andrew,
>
> I'm finally diving into this project...
>
> First off, my sysadmin stuff is mostly in Perl. So my Python is rudimentary at best.
>
> Here we go anyway... I've looked at the 'upgrade.py' but I can't seem to figure out how to connect to the Samba4 passwd database.
>
> In the script I see these lines:
>
> #######################################################
> # Connect to samba4 backend
> s4_passdb = passdb.PDB(new_lp_ctx.get("passdb backend"))
> ########################################################
>
> I would appreciate a hint on how to connect to the database please. Where is the 'passdb' object referenced from?
>
> Once that's done, from what I understand, I should be able to change the passwords directly:
>
> #######################################################
> # Change foo-user password
> admin_userdata = s4_passdb.getsampwnam("foo-user")
> admin_userdata.nt_passwd = "878D8014606CDA29677A44EFA1353FC7"
> admin_userdata.lanman_passwd = "552902031BEDE9EFAAD3B435B51404EE"
> s4_passdb.update_sam_account(admin_userdata)
> #######################################################
Sort of. Those values are not base16 strings, but raw bytes, but
otherwise that looks pretty much right at a first glance.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list