This ADHash is derived from NTLM, so it cannot be plaintext.
From: Clément OUDOT [mailto:[email protected]] Sent: 07 November 2013 11:23 To: Benjamin Vogt; lsc-userslsc-users Subject: Re: [lsc-users] unicodePwd :: double colon 2013/11/7 Benjamin Vogt <[email protected]> Hi Clément, No, this hash is not equivalent to plaintext. I have the encoded hash just the way AD wants it. I need to push it to AD. unicode password is just like plain text. Believe me. You can get the password value without any secret key. I have over 1000 users, so I cannot ask my users to reenter their passwords. So the question remains why lsc cannot do unicodePwd:: 2rKe+ZA8fFQr+AvgM7KOkw==, but ldapmodify can (note the double colon, I have set binaryAttributes)? What you see is just the LDIF output. LSC makes an LDAP modify operation (in java) to update AD. Maybe your problem is elsewhere. I gave you a working solution, it's up to you to use it or not. Clément.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
