[Samba] Change user password with LDAP

Rowland penny rpenny at samba.org
Sat May 15 08:21:50 UTC 2021

On 15/05/2021 02:31, Hernan Jalabert via samba wrote:
> Hello everyone, i comment yo you  the situation in which I find myself. We
> are recently trying to migrate from samba version 3 to version 4. At the
> institution we have several applications that manage users. I have tried
> without success to change a user's password using ldap, that is, without
> going to samba-tool for this task. I read in several places that it might
> be possible by editing the unicodePwd attribute, and that the password must
> be in utf-16 in quotes. Before continuing trying, I just wanted to consult
> you, is it possible to change the user's password by editing any LDAP/AD
> property?
> I am working with a library (driver) of a programming language called
> elixir that so far has allowed me to edit the properties of a user without
> problems. My idea is to develop an interface that mediates between the
> developed applications and samba4.
> Sry. for my english.
> Thanks, any help is appreciated.

Perfectly possible, you can do it from bash.

The password is created with this:

_UNICODEPW=$(echo -n "\"$_USER_PW\"" | iconv -f UTF-8 -t UTF-16LE | 
base64 -w 0)

Then changed with an ldif like this:

changetype: modify
replace: unicodePwd

Though I struggle to see what is wrong with using 'samba-tool user 


More information about the samba mailing list