LDAP SHA1 import into Windows AD
Hello,
We currently have a WIndows 2008 AD setup and also several Linux servers, of which we have a Linux LDAP server.
What I want to do is replace the Linux LDAP server with the Windows 2008 AD setup and authenticate LDAP users using AD.
I can export the LDAP users inc. their SHA1 passwords and was wondering if there is anyway I can import these into AD?
If I cannot import the SHA1 directly into AD, are there any other options?
I have seen articles which say it can only import cleartext passwords, then another article mentioning about unicodePwd and a Base64 password. Can I use the unicodePwd method with the LDAP SHA1 hash as the password?
Thanks
Stuart
May 30th, 2012 11:06am
Hello,
If the import the hash then there is no way to a DC to know the password itself :)
For that, it should be a plain text password. For that, you can use CSVDE after preparing a CSV file with passwords in
plain text.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft
Student Partner 2010 / 2011
Microsoft
Certified Professional
Microsoft
Certified Systems Administrator: Security
Microsoft
Certified Systems Engineer: Security
Microsoft
Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft
Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows 7, Configuring
Microsoft
Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
Free Windows Admin Tool Kit Click here and download it now
May 30th, 2012 1:18pm
Hello,
If the import the hash then there is no way to a DC to know the password itself :)
For that, it should be a plain text password. For that, you can use CSVDE after preparing a CSV file with passwords in
plain text.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft
Student Partner 2010 / 2011
Microsoft
Certified Professional
Microsoft
Certified Systems Administrator: Security
Microsoft
Certified Systems Engineer: Security
Microsoft
Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft
Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows 7, Configuring
Microsoft
Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
May 30th, 2012 1:28pm