[Samba] retrieve machine password in current Samba?

Andrew Bartlett abartlet at samba.org
Sat Aug 26 20:38:29 UTC 2017

On Sat, 2017-08-26 at 01:02 +0000, James Zuelow via samba wrote:
> > -----Original Message-----
> > From: Jeremy Allison [mailto:jra at samba.org]
> > Sent: Friday, August 25, 2017 3:48 PM
> > Looking at the code I think it's now returning the plaintext password, whereas
> > previously it only stored the password hash. You'll have to hash to make it
> > useful by wicd it seems (I'm guessing wicd expects the hash, not the plaintext).
> OK.
> I guess I had that backwards.  I thought that the new version (\EE\A9\8D\EF\AD\AC...) was giving me an encrypted (or hashed I guess) value, and the old version ( ]f2>lOR4NA~hbv ) was the plaintext password.
> I'll see if I can't translate that over somehow.  

The recent secrets changes to store the krb5 hashes changed some things
to use a IDL defined NDR packed structure.  I've not checked the
details, but that might be what you are seeing. 

This is a very valid use case, we clearly do need a net sub-command to
just print it.

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list