[Samba] samba-tool user getpassword --decrypt-samba-gpg

Harry Jede walk2sun at arcor.de
Thu Oct 27 07:37:22 UTC 2016


On 09:34:12 wrote Dale Renton via samba:
> Hello,
> 
> I'm looking to use the new 'samba-tool user getpassword' or
> 'samba-tool user syncpasswords' for syncing to an OpenLDAP server. 
> I've configured the 'password hash gpg key ids' in smb.conf. 
> Everything appears to be working fine, except the plaintext
> passwords returned from samba-tool user getpassword
> --decrypt-samba-gpg are different.  Do the returned values need to
> be decoded ?
yes, i.e.

$ echo -n SGRnNDNoajU= |base64 -d ;echo
Hdg43hj5
$


> I'm using Samba 4.5.1 on CentOS 7 with gpgme-devel and
> pygpgme installed.
> 
> The plaintext password for this is Hdg43hj5
> 
> 
> 
> samba-tool user getpassword username
> --attributes=virtualClearTextUTF16,virtualClearTextUTF8,virtualSambaG
> PG,unicodePwd --decrypt-samba-gpg
> 
> dn: CN=username,CN=Users,DC=ad,DC=example,DC=com
> unicodePwd:: +kiiRa+tFYsnUIb+ABlZdQ==
> virtualClearTextUTF16:: SABkAGcANAAzAGgAagA1AA==
> virtualClearTextUTF8:: SGRnNDNoajU=
> virtualSambaGPG::
> LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tClZlcnNpb246IEdudVBHIHYy
>  LjAuMjIgKEdOVS9MaW51eCkKCmhRRU1BN3hKTkYrUW02b21BUWY5R3lyMmViZmVHaDEx
> eTlKSTZ4U
> UMyT3gvb3Z2dmRVVTFEYjNwc0I0a3djdlcKRkdhQzhFTDU3TWp2WFNvbW1qK3M3ZnVXd
> lo4NVRoZ1
> J5T0ZTS3NmbmUvdzdKODU0Y3RzbnNTSTFvMDlJMi9qWApHUjN2SVdwVDZNcWhNNHFpY2
> 9aVXVLTjA
> yM0F0Rlp5SEFrMTRvNy9xK1RoRlVOZ2V1V2twUTVFWkNjR1FacjkxCk91NG9WTlhzY0R
> UcVNjbDJn
> ZE1HYzl6bWpsZklOWWJBYmVDVWJJNUczOVlyRkdmeExyVTJ2VlBqdkxLdThlREMKL0Yr
> VHlVVTlTV
> ExLdmd1UWloeDFoVFZzOWEyUEQ1VVVyam5VWlBMUDJZRGlqSENlUzcrUkVaRWFwNjA0Z
> XRudgplb1
> VoS3dhK29UamR0Vk03SkVGUFh6UzFKajk1bitoUU9vUW9vOGgvdk5KTEFYVkh6NG9pdE
> s1K0UvMDd
> JVW92Cm4zdlBpQ0RpL0Nld2RjV1gzN2NJandBQlVrR1BheENhOXRobkhDTERGdXhXQ1g
> zejg2K1BB
> aHUvTDRjZjBxeWcKcEw3OWx1Z0hjbnJlRkp4OAo9eHNFZwotLS0tLUVORCBQR1AgTUVT
> U0FHRS0tL S0tCg==
> 
> Got password OK
> 
> 
> 
> 
> Thanks,
> Dale


-- 

Gruss
	Harry Jede


More information about the samba mailing list