[Samba] retrieve machine password in current Samba?
abartlet at samba.org
Thu Sep 7 23:41:01 UTC 2017
On Thu, 2017-09-07 at 22:02 +0000, James Zuelow via samba wrote:
> > -----Original Message-----
> > From: Andrew Bartlett [mailto:abartlet at samba.org]
> > Sent: Saturday, August 26, 2017 12:38 PM
> > To: James Zuelow; samba at lists.samba.org
> > Subject: Re: [Samba] retrieve machine password in current Samba?
> -- >8 -- snip -- 8< --
> > The recent secrets changes to store the krb5 hashes changed some
> > things to
> > use a IDL defined NDR packed structure. I've not checked the
> > details, but that
> > might be what you are seeing.
> > This is a very valid use case, we clearly do need a net sub-command
> > to just
> > print it.
> > Andrew Bartlett
> Would there be a way for me to translate that back somehow? I'm
> thinking that even if a new net command came out, I would be waiting
> for Debian to release Buster before I saw it show up on my stable
I've looked into this, and I don't think we have changed the format, it
is just that we stopped keeping to ascii and small lengths for the
passwords. That flood of binary stuff is really the password!
So, the tdbdump output is still correct, but do you have to un-escape
Otherwise, the attached script will print it on stdout, if you like it
and it works for you I can drop it in source4/scripting/bin for
Sorry for the confusion!
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
More information about the samba