transfer of encrypted password from a LDAP server to AD

[dieudonné dominique]

Helo,
How do we transfer encrypted password of type {crypt}something or
{sha}something from LDAP servers to user accounts in AD?
In all the examples I found to bulk load users in AD I always find
cleartext passwords.
I would like to have a central LDAPserver to have all the users
passwords.
At night a synchronisation can be done with local servers.
It works well with true LDAP servers, but I didn't find out how to do
that with AD.
At this stage the tool is not important:Ldifde, dsmod... as long as it
run in command mode.
I have seen something about unicodepasword but, as I understand it, it
is proprietary.
best regards,

 

[Chris Malone]

269190 How To Change a Windows 2000 User's Password Through LDAP
http://support.microsoft.com/?id=269190

You need to have a 128-bit SSL connection established to the DC. You
will have to BER-encode the password if you do it through LDIFDE - I
would recommend using the "SetPassword" method in ADSI/VBScript:


Set oUser = GetObject _
("LDAP://cn=user1,ou=Test,dc=domain,dc=com")
oUser.SetPassword "Password1"


Chris Malone
Microsoft Directory Services

 

[dieudonné dominique]

I'm not sure I explained myself clearly. I'm not trying to change
passwords nor to allow users to change their password either. What I
try to know is if it is possible to transfer encrypted password from
an LDAP server ( from SUN, Netscape or from some other flavor ) in AD,
meaning that I don't know the passwords in clear text. In other words
is AD capable of understanding the {type of encryption}encrypted
pasword or not.