[Samba] Difficulties retrieving randomly assigned password for newly created Samba user acounts
L.P.H. van Belle
belle at bazuin.nl
Mon Apr 29 09:34:12 UTC 2019
What the password is, is in the output on you screen, if not, then script it.
kinit Administrator
# function random password.
RANDOMPASSWD(){ < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-16};echo; }
# Pull a random into USERPASS
USERPASS="$(RANDOMPASSWD)"
# And create your user.
sudo samba-tool user create "$USERNAME" --given-name="$GIVENNAME" --surname="$SURNAME" \
--mail-address="$EMAIL" --company="$COMPANY" --password="$USERPASS" --must-change-at-next-login \
--nis-domain="$WIN_DOMAIN" --unix-home="$UNIXHOMEFOLDERPATH" \
--home-drive="H" --home-directory="$WINDOWSHOMEFOLDERPATH" \
--login-shell="/usr/bin/git-shell" --uid-number="$UIDNUMBER" \
--gid-number=10000 -k
Echo "$USERNAME:${USERPASS}" >> new-users.txt
Something like that.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Stephen via samba
> Verzonden: maandag 29 april 2019 11:11
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Difficulties retrieving randomly assigned
> password for newly created Samba user acounts
>
> Hi everyone, I am using Samba 4.5.16-Debian on Raspbian and thanks to
> the help offered by everyone here I now finally have a mostly-working
> Active Directory network.
> I am now at the stage of creating inidividual user accounts for my
> domain and unfortunately I have a very basic but fundamental
> problem! I
> currently enter the following input at the command-line to
> create a new
> user on my DC:
>
> pi at ad1:~ $ sudo samba-tool user create "$USERNAME"
> --given-name="$GIVENNAME" --surname="$SURNAME"
> --mail-address="$EMAIL"
> --company="$COMPANY" --random-password --must-change-at-next-login
> --nis-domain="$WIN_DOMAIN" --unix-home="$UNIXHOMEFOLDERPATH"
> --home-drive="H" --home-directory="$WINDOWSHOMEFOLDERPATH"
> --login-shell="/usr/bin/git-shell" --uid-number="$UIDNUMBER"
> --gid-number=10000 -U "administrator%$SAMBA_ADMIN_PASSWORD"
> User 'stephenellwood' created successfully
>
> After entering this, you see I get a confirmation prompt
> indicating my
> user was created. When I hop onto my domain fileserver, I can see the
> new user, and this gives me additional confidence this has
> actually been
> created:
>
> pi at fs1:~ $ wbinfo -u
> stephenellwood
> administrator
> krbtgt
> guest
>
> In the switches passed to samba-tool previously you will see
> that I have
> requested a both a *random password* and that *this must be
> changed at
> the next login*. Crucially though, how do I find out what
> stephenellwood's randomly assigned password actually is so I
> can login
> to this account for the first time? Without this I am stuck
> - I have a
> new user account with an unknown randomised password and thus
> cannot login.
>
> Ultimately since I couldn't retrieve the random password for
> stephenellwood I then attempted to reset stephenellwood's password
> manually myself to a known string value using samba-tool.
> Unfortunately
> this also didn't seem to work:
>
> sudo samba-tool user password --newpassword="$NEWPASSWORD" -U
> "Administrator"
> Password for [OSSL\Administrator]:
> ERROR: Failed to change password : (-1073741716,
> "samr_ChangePasswordUser3 for 'OSSL\\Administrator' failed:
> NT_STATUS_PASSWORD_RESTRICTION")
>
> I would really appreciate any help and advice anybody can offer
> regarding this matter as I am now stuck at this point :)
>
> Thanks
> Stephen Ellwood
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list