[Samba] Synchronizing passwords to Samba 4

Andrew Bartlett abartlet at samba.org
Thu Sep 27 18:41:21 UTC 2018

On Thu, 2018-09-27 at 12:30 +0200, Sebastien BEAUDLOT via samba wrote:
> Hi, 
> I'm trying to synchronize user accounts from LDAP to Samba 4 AD
> (using LSC) but it seems that password update through ldap is not
> allowed. 
> I failed to find details about it, but can someone confirm that
> unicodePwd cannot be read / wrote trough a LDAPS connection ? 
> Is there any workaround ? 

What type of password do you have?  A hash of some kind, the plaintext?

An administrative password reset is possible over LDAP using unicodePwd
and userPassword (if configured), if you have the plaintext.

Injecting hashes is harder, requires local DB access and needs more

Andrew Bartlett
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list