[Samba] Password Storage on Samba Primary Domain Controller

Andrew Bartlett abartlet at samba.org
Tue Nov 9 19:30:09 UTC 2021


On Tue, 2021-11-09 at 13:25 -0600, Joseph Bell via samba wrote:
> I've built a Samba PDC using the instructions at
> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
> and
> have had great success using it in an enterprise setting.
> 
> As a part of a compliance audit I need to articulate clearly the
> password
> encryption mechanism of my domain controller.  Is there reference
> documentation on how user passwords are stored in a PDC
> configuration?
> (Note: I used the term 'stored' but am assuming some type of salting,
> hashing, etc. mechanism is actually used.)

It is pretty bad.  MD4(UTF-16(password))

yes, no salt.  This matches Windows, for better or worse. 

There are other methods in use, but in this case the weakest link
matters most.

We do encrypt it at rest, but the key is kept next to the DB (you are
welcome to somehow provision that at each boot if you like, mostly we
do that as a defence against in-memory or search expression attacks). 

I do have a work item to remove this for users, but it will break
NTLM. 

I don't have a timeframe for that right now, but it has been
promised.

Andrew Bartlett
-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
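The following is an added illustration for readers of this thread, not code from the Samba project or from either poster. It implements the construction Andrew names, MD4 over the UTF-16 encoding of the password with no salt, and shows the consequence an auditor has to explain: every account with the same password ends up with the same stored hash, so a leaked hash table reveals password reuse at a glance. MD4 is written out in pure Python (per RFC 1320) because `hashlib` on OpenSSL 3 systems often no longer exposes it; UTF-16LE is assumed as the encoding (that is what Windows and Samba use), and the sample accounts are constructed for the demonstration.

```python
import struct

MASK = 0xFFFFFFFF


def _lrot(x: int, n: int) -> int:
    """Rotate a 32-bit word left by n bits."""
    x &= MASK
    return ((x << n) | (x >> (32 - n))) & MASK


def md4(data: bytes) -> bytes:
    """RFC 1320 MD4, implemented here so the example does not depend on
    hashlib exposing 'md4' (OpenSSL 3 moved it to the legacy provider)."""
    msg = bytearray(data)
    bit_len = len(data) * 8
    msg.append(0x80)                       # mandatory 1-bit terminator
    while len(msg) % 64 != 56:             # pad to 56 mod 64 bytes
        msg.append(0)
    msg += struct.pack("<Q", bit_len)      # little-endian 64-bit length

    def F(x, y, z): return (x & y) | (~x & z)
    def G(x, y, z): return (x & y) | (x & z) | (y & z)
    def H(x, y, z): return x ^ y ^ z

    # Message-word order for rounds 2 and 3 (round 1 is sequential).
    r2_idx = [(i % 4) * 4 + i // 4 for i in range(16)]
    r3_idx = [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]
    rounds = (
        (F, list(range(16)), 0x00000000, (3, 7, 11, 19)),
        (G, r2_idx, 0x5A827999, (3, 5, 9, 13)),
        (H, r3_idx, 0x6ED9EBA1, (3, 9, 11, 15)),
    )

    A, B, C, D = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = A, B, C, D
        for fn, order, const, shifts in rounds:
            for i, k in enumerate(order):
                a = _lrot(a + fn(b, c, d) + X[k] + const, shifts[i % 4])
                a, b, c, d = d, a, b, c    # rotate register roles
        A, B, C, D = ((A + a) & MASK, (B + b) & MASK,
                      (C + c) & MASK, (D + d) & MASK)
    return struct.pack("<4I", A, B, C, D)


def nt_hash(password: str) -> str:
    """The NT hash as described in the reply: MD4 over the UTF-16LE bytes
    of the password, with no salt and no iteration count."""
    return md4(password.encode("utf-16-le")).hex()


def shared_hash_groups(passwords_by_user: dict) -> dict:
    """Group accounts whose NT hashes collide. With no salt, two accounts
    holding the same password always share a hash, which is the property
    an auditor must document. Plaintexts are taken here only to build the
    demonstration; a real check would compare the stored hashes directly."""
    groups = {}
    for user, pw in passwords_by_user.items():
        groups.setdefault(nt_hash(pw), []).append(user)
    return {h: users for h, users in groups.items() if len(users) > 1}


if __name__ == "__main__":
    # Constructed sample accounts, not data from any real domain.
    sample = {"alice": "password", "bob": "password", "carol": "Password"}
    print(nt_hash("password"))          # 8846f7eaee8fb117ad06bdd830b7586c
    print(shared_hash_groups(sample))   # alice and bob share one hash
```

Note that `carol` does not join the group: UTF-16 encoding is case-preserving, so `Password` and `password` hash differently, but any two accounts with byte-identical passwords will always collide, regardless of how many accounts the domain holds.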