[Samba] samba-tool user getpassword --decrypt-samba-gpg
Achim Gottinger
achim at ag-web.biz
Wed Oct 26 18:38:20 UTC 2016
Am 26.10.2016 um 19:52 schrieb Dale Renton via samba:
> Hello,
>
> I'm looking to use the new 'samba-tool user getpassword' or 'samba-tool
> user syncpasswords' for syncing to an OpenLDAP server. I've configured the
> 'password hash gpg key ids' in smb.conf. Everything appears to be working
> fine, except the plaintext passwords returned from samba-tool user
> getpassword --decrypt-samba-gpg are different. Do the returned values need
> to be decoded ? I'm using Samba 4.5.1 on CentOS 7 with gpgme-devel and
> pygpgme installed.
>
> The plaintext password for this is Hdg43hj5
>
>
>
> samba-tool user getpassword username
> --attributes=virtualClearTextUTF16,virtualClearTextUTF8,virtualSambaGPG,unicodePwd
> --decrypt-samba-gpg
>
> dn: CN=username,CN=Users,DC=ad,DC=example,DC=com
> unicodePwd:: +kiiRa+tFYsnUIb+ABlZdQ==
> virtualClearTextUTF16:: SABkAGcANAAzAGgAagA1AA==
> virtualClearTextUTF8:: SGRnNDNoajU=
> virtualSambaGPG::
> LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tClZlcnNpb246IEdudVBHIHYy
> LjAuMjIgKEdOVS9MaW51eCkKCmhRRU1BN3hKTkYrUW02b21BUWY5R3lyMmViZmVHaDExeTlKSTZ4U
> UMyT3gvb3Z2dmRVVTFEYjNwc0I0a3djdlcKRkdhQzhFTDU3TWp2WFNvbW1qK3M3ZnVXdlo4NVRoZ1
> J5T0ZTS3NmbmUvdzdKODU0Y3RzbnNTSTFvMDlJMi9qWApHUjN2SVdwVDZNcWhNNHFpY29aVXVLTjA
> yM0F0Rlp5SEFrMTRvNy9xK1RoRlVOZ2V1V2twUTVFWkNjR1FacjkxCk91NG9WTlhzY0RUcVNjbDJn
> ZE1HYzl6bWpsZklOWWJBYmVDVWJJNUczOVlyRkdmeExyVTJ2VlBqdkxLdThlREMKL0YrVHlVVTlTV
> ExLdmd1UWloeDFoVFZzOWEyUEQ1VVVyam5VWlBMUDJZRGlqSENlUzcrUkVaRWFwNjA0ZXRudgplb1
> VoS3dhK29UamR0Vk03SkVGUFh6UzFKajk1bitoUU9vUW9vOGgvdk5KTEFYVkh6NG9pdEs1K0UvMDd
> JVW92Cm4zdlBpQ0RpL0Nld2RjV1gzN2NJandBQlVrR1BheENhOXRobkhDTERGdXhXQ1gzejg2K1BB
> aHUvTDRjZjBxeWcKcEw3OWx1Z0hjbnJlRkp4OAo9eHNFZwotLS0tLUVORCBQR1AgTUVTU0FHRS0tL
> S0tCg==
>
> Got password OK
>
>
>
>
> Thanks,
> Dale
They are base64 encoded.
#echo SGRnNDNoajU= | base64 -d
Hdg43hj5
More information about the samba
mailing list