Howto create password hash for Windows server 2012 with freeBSD/Samba
O. Hartmann
ohartman at zedat.fu-berlin.de
Tue Jul 14 15:35:13 UTC 2015
Am Tue, 14 Jul 2015 09:23:59 -0500
dweimer <dweimer at dweimer.net> schrieb:
> On 07/14/2015 5:34 am, O. Hartmann wrote:
> > Scenario:
> >
> > A CURRENT box is to mount a share from a windows server 2012r2 machine
> > using
> > autofs(5).
> >
> > Setting up the SHAREs on Windows 2012 side and connecting to those
> > shares via
> > FreeBSD's mount_smbfs(8) manually went smoothly.
> >
> > But when it comes to automated mounting a Windows 2012 share via
> > automounter
> > (autofs) I fail. Autofs is setup using mount_smbfs with the "-N"
> > option.
> > regarding the documentation /etc/nsmb.conf is looked up for an
> > appropriate
> > setup and password=XXXXX field. Cleartext passwords do not work with M$
> > server
> > 2012r2. Now I'm looking for a way to generate a "Hash" to put it
> > into /etc/nsmb.conf.
> >
> > Some websites tell the hash is NT MD4 hash. generating a md4 hash with
> > FreeBSD's onboard-tools is not possible, as far as i can see. crypt(3)
> > uses the
> > ability to generate a NT hash depending on the mode set for using the
> > appropriate hash algorithm, but I can not see how I could use/misuse
> > passwd or
> > any related onboard tool to emmit a NT hash.
> >
> > Please CC me via email (not subscribing the list) and help and
> > suggestions are
> > highly appreciated.
> >
>
> use:
> smbutil crypt
>
Thank you for responding.
I did use smbutil crypt, placed the output in /etc/nsmb.conf (tagged:
password=$$1XXXXXXXX) as suggested by the manpage.
Manpage of nsmb.conf reports the user's private config file is ~/nsmb.conf, but having
that file, I get a "no cfg file found" error - it seems the manpage is wrong.
Having ~/.nsmbrc avoids that error.
But anyway, only interactive mounting works. No automated one!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20150714/3b78d3d0/attachment.bin>
More information about the freebsd-questions
mailing list