[Samba] Sync unixUserPassword from AD Password

Andrew Martin amartin at xes-inc.com
Tue Sep 16 08:10:31 MDT 2014

----- Original Message -----
> From: "Andrew Martin" <amartin at xes-inc.com>
> To: samba at lists.samba.org
> Sent: Thursday, September 11, 2014 11:53:29 AM
> Subject: [Samba] Sync unixUserPassword from AD Password
> Hello,
> I am running a Samba 4.1.6 AD DC on Ubuntu 14.04. I provisioned with
> --use-rfc2307 and have followed the instructions here to enable NIS
> Extensions:
> https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Configuring_RFC2307_and_NIS_Extensions_in_a_Samba_AD
> I can see the UNIX Attributes tab in ADUC and have all of the attributes
> populated. I am attempting to authenticate a Solaris server to AD, however it
> must use the unixUserPassword field for authenticating the user's password.
> Currently, unixUserPassword is set to the default value -
> ABCD!efgh12345$67890.
> It seems that I need to install Identity Management For Unix in order to
> enable
> syncing of the AD user's password to the unixUserPassword field:
> http://blogs.technet.com/b/sfu/archive/2010/01/08/using-unixuserpassword-attribute-properly.aspx
> However, I cannot figure out how to install Identity Management for Unix
> since
> this is a Samba 4 DC. Is there a native way in Samba to update the hash in
> the
> unixUserPassword, or a script I could run via cron on the Samba 4 DC?

Or, does anyone know the hashing algorithm used to generate the unixUserPassword
field? Can I manually run a command to populate this field?

More information about the samba mailing list