[Samba] Default password recovery feature

[Paul]

Thanks for that, it's pretty much our server-side web form to re-init passwords.

The problem is that I need to store somewhere as plaintext the default password 
for each user, which is prompted to change at the 1st connexion.

I turned on "--store-plaintext on" via samba-tool and read 
"supplementalCredentials", looked for "Store passwords using reversible 
encryption"...

I don't think it's the right way since I don't want to be able to decode new 
passwords...

Paul

Le 17/06/2015 09:37, L.P.H. van Belle a écrit :
> Nice enviroment Paul..
>
> have a look here.
> http://ltb-project.org/wiki/documentation/self-service-password
>
>
> Greetz,
>
> Louis
>
>
>> -----Oorspronkelijk bericht-----
>> Van: paul.de_vlieger at moniut.univ-bpclermont.fr
>> [mailto:samba-bounces at lists.samba.org] Namens Paul
>> Verzonden: woensdag 17 juni 2015 9:25
>> Aan: samba at lists.samba.org
>> Onderwerp: [Samba] Default password recovery feature
>>
>> Hi,
>> we are using Samba4 since the first stable release, and we are
>> fully satisfied.
>>
>> Our configuration is 2 DCs on opensuse13, samba 4.1.16 + bind,
>> full sync
>> (ad/gpo/netlogon), ~1k users, ~700 computers.
>> We migrated to samba4 from the classic samba3/ldap backend
>> without any big issue.
>>
>> We have the possibility to reset the password to the default
>> one using a web
>> form. On samba3/ldap we used the attribute
>> "sambaPasswordHistory" to store this
>> default password and restore it on request. This default
>> password is stored as
>> plaintext.
>>
>> How can I do this in Samba4 and AD schema? I digged a little
>> bit in password
>> history in AD but the comparison is done with hashes. I don't
>> want to store this
>> in a third party database...
>>
>> Thank for your support,
>> Paul
>>
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>