Viewing the hashed password via LDAPSEARCH from Windows 2012 server?


We upgraded the OS of our Active Directory server to Windows 2012. On a Linux computer, we use a script to obtain an account's hashed password, using the ldapsearch command. (We request the msSFU30Password attribute.)

The script works fine for any account that was created before the new server was installed. For new accounts, no password is returned! What can I do to make this possible again? Thanks.


There are 1 answers

Stephen On

From what I can find, the msSFU30Password attribute (and associated password syncing to the regular userPassword attribute) was originally supplied by part of the "Services for Unix" package, called Identity Management for UNIX.

It's possible that this is not configured on new installs/upgrades to Windows 2012 because it's now considered deprecated. (I could not find any information about what is supposed to replace it).

If it's not already enabled/configured, try doing so using Dism.exe:

Install the admin tools:

Dism.exe /online /enable-feature /featurename:adminui /all

Install Server for NIS:

Dism.exe /online /enable-feature /featurename:nis /all

Install Password Sync:

Dism.exe /online /enable-feature /featurename:psync /all
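
To find which accounts are affected before and after changing the server, the following added example (not part of the original question or answer) parses saved ldapsearch LDIF output and lists the accounts that came back without an msSFU30Password value, without printing any hash. The function names, DNs and sample values are constructed for illustration.

```python
import base64

# Constructed sample of `ldapsearch -LLL` output requesting sAMAccountName and
# msSFU30Password. All DNs and values are made up; one DN is folded across two
# lines and one is base64-encoded, as LDIF does for long or non-ASCII values.
_B64_DN = base64.b64encode("CN=Jürgen,OU=Staff,DC=example,DC=com".encode()).decode()
SAMPLE_LDIF = f"""\
dn: CN=Old User,OU=Staff,DC=example,DC=com
sAMAccountName: olduser
msSFU30Password: CONSTRUCTED-NOT-A-REAL-HASH

dn: CN=New User With A Long Name,OU=Staff,DC=exa
 mple,DC=com
sAMAccountName: newuser

dn:: {_B64_DN}
sAMAccountName: jurgen
"""

def parse_ldif(text):
    """Return a list of entries, each a dict of lower-cased attribute -> values."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]          # unfold: leading space continues the line
        else:
            lines.append(raw)
    entries, current = [], {}
    for line in lines + [""]:             # trailing "" flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
                current = {}
            continue
        if line.startswith("#"):          # LDIF comment
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):         # "attr:: <base64>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        else:
            value = value.strip()
        current.setdefault(attr.lower(), []).append(value)
    return entries

def accounts_missing_hash(text, attr="msSFU30Password"):
    """Account names whose entry has no non-empty value for attr."""
    return [e.get("samaccountname", e.get("dn", ["?"]))[0]
            for e in parse_ldif(text) if not any(e.get(attr.lower(), []))]
```
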