[Samba] Change user password with LDAP
Rowland penny
rpenny at samba.org
Sat May 15 08:21:50 UTC 2021
On 15/05/2021 02:31, Hernan Jalabert via samba wrote:
> Hello everyone, i comment yo you the situation in which I find myself. We
> are recently trying to migrate from samba version 3 to version 4. At the
> institution we have several applications that manage users. I have tried
> without success to change a user's password using ldap, that is, without
> going to samba-tool for this task. I read in several places that it might
> be possible by editing the unicodePwd attribute, and that the password must
> be in utf-16 in quotes. Before continuing trying, I just wanted to consult
> you, is it possible to change the user's password by editing any LDAP/AD
> property?
>
> I am working with a library (driver) of a programming language called
> elixir that so far has allowed me to edit the properties of a user without
> problems. My idea is to develop an interface that mediates between the
> developed applications and samba4.
>
> Sry. for my english.
>
> Thanks, any help is appreciated.
Perfectly possible, you can do it from bash.
The password is created with this:
_UNICODEPW=$(echo -n "\"$_USER_PW\"" | iconv -f UTF-8 -t UTF-16LE |
base64 -w 0)
Then changed with an ldif like this:
dn: $USERS_DN
changetype: modify
replace: unicodePwd
unicodePwd::$_UNICODEPW
Though I struggle to see what is wrong with using 'samba-tool user
password'.
Rowland
More information about the samba
mailing list