[Samba] Random Password

Jonathan Buzzard jonathan at buzzard.me.uk
Tue Jun 24 07:05:07 MDT 2014

On Sat, 2014-06-21 at 18:51 +0200, steve wrote:
> On Sat, 2014-06-21 at 20:21 +0400, henri transfert wrote:
> > Hi,
> > 
> > A basic question : when creating a user with "samba-tool user create" , if
> > I use the --random-password option how do I know the password that has been
> > randomly generated ?
> > 
> > Thanks in advance
> > 
> > Henri
> I don't think you can. The kdc holds only the key which has been derived
> from the password. Using a random password is useful for users who e.g.
> need to run a service which starts at boot. If your users are human
> beings who need to type in a password, give them passwords which they
> can type.

Alternatively give them a random password at account creation that
nobody knows then require them to come to the help desk where someone
with admin privileges will allow them to reset their password after
showing appropriate identification.

It is a method by which at no time do account passwords need to be
written down where they may be misused.


Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.

More information about the samba mailing list