[Samba] Samba4 syncpassword fails

Julien TEHERY julien.tehery at mediactivegroup.com
Fri Aug 14 07:41:17 UTC 2020

>I just had a look at tranquils code again and I have a possible idea
>about what is going on. The code was written for python2 and needs
>updating to python3

Yes, but as i explained before, we managed to make it work since almost a thousand days in a row 😕

THe ldb cache is initialized with:

samba-tool user syncpasswords --cache-ldb-initialize   --attributes=virtualSSHA,samaccountname,virtualClearTextUTF8 --script=/opt/syncpwd.py --decrypt-samba-gpg

We originally modified a bit the script to retrieve the virtualClearTextUTF8 value of the password, then decode it in base64 , re encode it in md4 and send it to remote LDAP server. This worked like a charm.

Nothing has been modified or updated on the samba main DC exept the fact we tried to join another remote DC which made the synchronization fail.
I dont' kniw what it is talking about when it says " Unable to unmarshall cookie as a ldapControlDirSyncCookie structure"
So there's something wrong on samba side that came with the new DC join for sure.

What is this cookie?

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list