[Fedora-directory-users] windows sync and password "clear"

Thu Mar 20 01:27:05 UTC 2008

I don't know where I read but as far I know you should use only UNIX crypt
for password, so don't use MD5.

                                                                      Para 
                                          <fedora-directory-users at redhat.c 
                                          om>                              
       Luigi Santangelo                                                 cc 
       <santangelo.luigi at tiscal                                            
       i.it>                                                        Asunto 
       Enviado por:                       [Fedora-directory-users] windows 
       fedora-directory-users-b           sync and password "clear"        
       ounces at redhat.com                                     Clasificación 
                                         Uso Interno                       
       19/03/2008 06:37 a.m.                                               

        Por favor, responda a                                              
           Luigi Santangelo                                                
       <santangelo.luigi at tiscal                                            
          i.it>; Por favor,                                                
              responda a                                                   
       "General discussion list                                            
       for the Fedora Directory                                            
           server project."                                                
       <fedora-directory-users@                                            
             redhat.com>                                                   

Hi everybody, this is my problem:
I configured my Fedora DS and now I can sync the LDAP's users with
Windows 2003 Active Directory. Then, I created a new user with this
code ldif

dn: uid=red,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx
givenName: red
sn: red
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: ntuser
uid: red
ntUserCreateNewAccount: true
ntUserDeleteAccount: true
cn: red
ntUserDomainId: red
userPassword: redpwd
creatorsName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
modifiersName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
createTimestamp: 20080318153555Z
modifyTimestamp: 20080318153555Z
nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae

Note that I wrote the user's password in "clear". Now, I can logon the
Windows AD with the username red and the password redpwd.
Then I added another user (yellow) with this code ldif

dn: uid=yellow,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx
givenName: yellow
sn: yellow
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: ntuser
uid: yellow
ntUserCreateNewAccount: true
ntUserDeleteAccount: true
cn: yellow
ntUserDomainId: yellow
userPassword: {MD5}8cb32079718c657b02bbbb176b97d030
creatorsName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
modifiersName: uid=root,ou=administrators,ou=topologymanagement,
o=netscaperoot
createTimestamp: 20080318153555Z
modifyTimestamp: 20080318153555Z
nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae

Note the MD5(yellowpwd) = 8cb32079718c657b02bbbb176b97d030
Then If I try logon the Windows AD (from Windows) with the username
yellow and the password yellowred, I cannot log in. Instead, if I try
logon the Windows AD with the username yellow and the
password {MD5}8cb32079718c657b02bbbb176b97d030 I can log in.
Do you think that this is a problem strictly related to Windows'
problem? How can I get over it?
Thank you in advance.

______________________________________________
Adotta un bambino a distanza. Avrà vestiti, cibo, scuola?e avrà te!
http://social.tiscali.it/promo/C02/sos/

--
Fedora-directory-users mailing list
Fedora-directory-users at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users

========================================================================================
AVISO LEGAL: Esta información es privada y confidencial y está dirigida
únicamente a su destinatario. Si usted no es el destinatario original de
este mensaje y por este medio pudo  acceder a dicha información por favor
elimine el mensaje. La distribución o copia de este mensaje está
estrictamente prohibida. Esta comunicación es sólo para  propósitos de
información y no debe ser considerada como propuesta, aceptación ni como
una declaración de voluntad oficial de NUCLEO S.A.  La transmisión de
e-mails no garantiza que el correo electrónico sea seguro o libre de error.
Por consiguiente, no manifestamos que esta información sea completa o
precisa.  Toda información está sujeta a alterarse sin previo aviso.

 This information is private and confidential and intended for the
recipient only. If you are not the intended recipient of this message you
are hereby notified that any review,  dissemination, distribution or
copying of this message is strictly prohibited. This communication is for
information purposes only and shall not be regarded neither as a proposal,
acceptance nor as a statement of will or official statement from NUCLEO
S.A. . Email transmission cannot be guaranteed to be secure or error-free.
Therefore,  we do not represent that this information is complete or
accurate and it should not be relied upon as such. All information is
subject to change without notice.