[Samba] user password hash
Andrew Bartlett
abartlet at samba.org
Fri Oct 11 09:32:51 UTC 2019
On Fri, 2019-10-11 at 11:18 +0200, mj via samba wrote:
> Hi,
>
> On 10/10/19 3:35 PM, Rowland penny via samba wrote:
> > However, I have tried several times to decode a unicodePwd, but
> > have
> > never succeeded
>
> So, to make sure I understand: while decoding the AD unicodePwd
> should
> work in theory, it does not work for anyone, in actual practise?
You can't decode it back to plantext, it is hashed with md4. The
'encode' everyone has discussed here is a way of setting it, Samba then
does the transform into all the hash formats needed after getting the
plaintext.
If enabled, there is also a userPassword attribute that avoids all the
"" and utf-16 mess and just writes the utf8 password into the various
hashes.
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list