[Samba] user password hash

Andrew Bartlett abartlet at samba.org
Wed Oct 9 22:57:30 UTC 2019


On Tue, 2019-10-08 at 08:27 -0300, Elias Pereira via samba wrote:
> hello list,
> 
> What kind of hashing/encryption samba4 ADDC uses for user passwords?
> base64?

The easiest to sync in is the unicodePwd attribute, which is md4(utf16-
le(password)).

We also store other kerberos password has values, but unicodePwd is
what folks use when trying to do manual syncing.  Take are that when
playing this game that you need to remove supplementalCredentials or
the passwords used by modern Kerberos will get out of sync

Andrew Bartlett
-- 
Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          
https://catalyst.net.nz/services/samba






More information about the samba mailing list