+ Post New Thread
Results 1 to 8 of 8
*nix Thread, SAMBA user migration?? in Technical; I have inherited a rather strange setup which consists of a bunch of XP clients with local profiles and accounts ...
  1. #1

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,241
    Thank Post
    882
    Thanked 2,743 Times in 2,317 Posts
    Blog Entries
    11
    Rep Power
    784

    SAMBA user migration??

    I have inherited a rather strange setup which consists of a bunch of XP clients with local profiles and accounts pointing at a CentOS (edit, actually Fedora core 6) server running SAMBA for file and print. The plan is to migrate the existing users to a AD environment to get centralized authentication and logons.

    Does anyone know if there is a way to get SAMBA to at least cough up with at least a list of the current users if not the passwords as well. I know that Windows AD can be set to encrypt passwords in a reversable encryption so I am wondering if there is a simmilar setting that would allow me to recover the current user passwords, if not what is the easiest way to reset them?

    Thanks for any help in advance.
    Last edited by SYNACK; 14th January 2011 at 03:22 AM.

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,241
    Thank Post
    882
    Thanked 2,743 Times in 2,317 Posts
    Blog Entries
    11
    Rep Power
    784
    Anyone, anyone at all??

  3. #3

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,683
    Thank Post
    1,268
    Thanked 789 Times in 686 Posts
    Rep Power
    237
    Quote Originally Posted by SYNACK View Post
    Does anyone know if there is a way to get SAMBA to at least cough up with at least a list of the current users if not the passwords as well.
    What password backend is that Samba using (it should say in smb.conf)? Figure that out and you should be able to find out in what file the passwords are stored. If nothing else you could run some kind of dictionary attack on that file to decrypt it, but I imagine that might take a bit of time.

    --
    David Hicks

  4. Thanks to dhicks from:

    SYNACK (12th January 2011)

  5. #4

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,241
    Thank Post
    882
    Thanked 2,743 Times in 2,317 Posts
    Blog Entries
    11
    Rep Power
    784
    Thanks, I'll have a look when I am in next and report back if/when I get confused

  6. #5

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,241
    Thank Post
    882
    Thanked 2,743 Times in 2,317 Posts
    Blog Entries
    11
    Rep Power
    784
    Umm, looking through the smb.conf it has no password backend set but it does have a commented out value pointing to tdbsam and the comments above it suggests that is needs no further configuration to use that method. Reading some of the stuff from other sites I am now more confused as it seems to suggest that this is possibly just some kind of mapping file that then points to local linux users however I have not even managed to generate a list of the local users. I tried a couple of commands from my searches and each bombed unhelpfully. Using linux in the command line when you are new to it is like being blind in a room full of pointly things.

    Are there any remote GUI tools that could be used? I have tried ssh for remote command line but this won't let me logon as root (the only password I do actually have). I will look further into adding a new user hopefully to the admins group so that I can at least do that.

    Edit: now have created a new user and found the place in sshd_config to edit so I am now able to logon using putty from a different workstation while onsite. Still on the hunt for a user list though.

    Edit2: (notes for when I get back there I will try)
    http://ubuntuforums.org/archive/index.php/t-23616.html
    http://fixunix.com/samba/246816-samb...passwords.html
    Last edited by SYNACK; 14th January 2011 at 03:37 AM.

  7. #6

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,683
    Thank Post
    1,268
    Thanked 789 Times in 686 Posts
    Rep Power
    237
    Quote Originally Posted by SYNACK View Post
    The plan is to migrate the existing users to a AD environment to get centralized authentication and logons.
    Is the issue simply that you have a whole bunch of users who will find it a massive problem if they have to reset their passwords when they log in to the new system? If not, you could simply create the new domain, join the Samba server to it and have people set up a new password when they first log in.

    --
    David Hicks

  8. Thanks to dhicks from:

    SYNACK (14th January 2011)

  9. #7

    Join Date
    Jan 2011
    Location
    West Yorkshire
    Posts
    6
    Thank Post
    1
    Thanked 3 Times in 2 Posts
    Rep Power
    0
    I have also inherited an interesting setup, where we have a Samba server (running on Suse Linux) as our DC, file and print server. It runs really well but a lack of AD is hampering us and a migration to Windows Server 2008R2 is planned for summer.

    On Suse the password file is located in /etc/samba and the file you are looking for is smbpasswd as this will list the users. (If it is different on your setup then you need to change the file path in the command below)

    If you don’t know the location of your smbpasswd file you can search using the following command, find / -name smbpasswd

    To get the information out use the command cat /etc/samba/smbpasswd >> filename.txt

    This will produce a txt file you can then copy from your Samba server and import into excel, the data is separated by a : on my export. The passwords are encrypted but it will give you a list of users.

    Now you have remote ssh working you may find WinSCP is useful, although I mainly use putty.

    Also you could try installing Webmin to help with the administration, as it would give you a GUI interface.

    I couldn't put links in to the software as its my 1st post but a google will bring them up

    Hope the above helps.

  10. 2 Thanks to richieh:

    dhicks (14th January 2011), SYNACK (14th January 2011)

  11. #8

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,241
    Thank Post
    882
    Thanked 2,743 Times in 2,317 Posts
    Blog Entries
    11
    Rep Power
    784
    Quote Originally Posted by dhicks View Post
    Is the issue simply that you have a whole bunch of users who will find it a massive problem if they have to reset their passwords when they log in to the new system? If not, you could simply create the new domain, join the Samba server to it and have people set up a new password when they first log in.

    --
    David Hicks
    The issue is that I am new and trying to make a good impression, I could just reset all the passwords, assuming I can figure out how (easy if they are linux system users) but the other issue is that they are all on holiday at the moment so it would boot them from their webmail. I also have to figure out how to enable imap so that I can copy their existing emails out and into exchange using exmerge but that is a battle for after I have figured out the passwords.

    Quote Originally Posted by richieh View Post
    I have also inherited an interesting setup, where we have a Samba server (running on Suse Linux) as our DC, file and print server. It runs really well but a lack of AD is hampering us and a migration to Windows Server 2008R2 is planned for summer.

    On Suse the password file is located in /etc/samba and the file you are looking for is smbpasswd as this will list the users. (If it is different on your setup then you need to change the file path in the command below)

    If you don’t know the location of your smbpasswd file you can search using the following command, find / -name smbpasswd

    To get the information out use the command cat /etc/samba/smbpasswd >> filename.txt

    This will produce a txt file you can then copy from your Samba server and import into excel, the data is separated by a : on my export. The passwords are encrypted but it will give you a list of users.

    Now you have remote ssh working you may find WinSCP is useful, although I mainly use putty.

    Also you could try installing Webmin to help with the administration, as it would give you a GUI interface.

    I couldn't put links in to the software as its my 1st post but a google will bring them up

    Hope the above helps.
    Thanks, a very useful first post and welcome to the forum. I'm not sure if the users are actually stored in the smb password file as it uses the tdb format, my current plan of action is to check if the smb users exist on the linux system by using the "id username" comand and then if they do copying the \etc\passwd and \etc\shadow files onto a usb key and then finding the fastest machine that I can find and bashing the with the Jack the Ripper software in the hopes that I can recover a bunch of them and only have to reset a few.

    I had to give it up after a couple of hours of trying today as I could feel myself burning out, both in the temperature sense given the 32 degree C heat in the office and the career ending burnt out nurons sense.

    Thanks both for your help and I will continue to post my progress.

SHARE:
+ Post New Thread

Similar Threads

  1. Configuring Samba
    By dhicks in forum *nix
    Replies: 27
    Last Post: 12th April 2013, 11:55 PM
  2. bl**dy samba!
    By somabc in forum *nix
    Replies: 15
    Last Post: 14th November 2008, 01:39 PM
  3. User / user manager problem after migration
    By SimpleSi in forum EduGeek Joomla 1.5 Package
    Replies: 5
    Last Post: 9th June 2008, 10:57 PM
  4. Samba 4
    By FN-GM in forum *nix
    Replies: 8
    Last Post: 9th October 2007, 12:28 AM
  5. Samba
    By Jackd in forum Wireless Networks
    Replies: 2
    Last Post: 28th June 2007, 06:25 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •