[Samba] user password hash

Andrew Bartlett abartlet at samba.org
Fri Oct 11 09:32:51 UTC 2019

On Fri, 2019-10-11 at 11:18 +0200, mj via samba wrote:
> Hi,
> On 10/10/19 3:35 PM, Rowland penny via samba wrote:
> > However, I have tried several times to decode a unicodePwd, but
> > have 
> > never succeeded
> So, to make sure I understand: while decoding the AD unicodePwd
> should 
> work in theory, it does not work for anyone, in actual practise?

You can't decode it back to plantext, it is hashed with md4.  The
'encode' everyone has discussed here is a way of setting it, Samba then
does the transform into all the hash formats needed after getting the

If enabled, there is also a userPassword attribute that avoids all the
"" and utf-16 mess and just writes the utf8 password into the various

Andrew Bartlett

Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          

More information about the samba mailing list