From owner-freebsd-questions@freebsd.org Tue Jul 14 15:53:34 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BAB619A133D for ; Tue, 14 Jul 2015 15:53:34 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from webmail.dweimer.net (24-240-198-187.static.stls.mo.charter.com [24.240.198.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "www.dweimer.net", Issuer "Go Daddy Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 80D4A133 for ; Tue, 14 Jul 2015 15:53:33 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from webmail.dweimer.local (webmail [192.168.5.2]) by webmail.dweimer.net (8.14.9/8.14.9) with ESMTP id t6EFrWOK095326 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 14 Jul 2015 10:53:32 -0500 (CDT) (envelope-from dweimer@dweimer.net) Received: (from www@localhost) by webmail.dweimer.local (8.14.9/8.14.9/Submit) id t6EFrWAc095325; Tue, 14 Jul 2015 10:53:32 -0500 (CDT) (envelope-from dweimer@dweimer.net) X-Authentication-Warning: webmail.dweimer.local: www set sender to dweimer@dweimer.net using -f To: "O. Hartmann" Subject: Re: Howto create password hash for Windows server 2012 with freeBSD/Samba X-PHP-Script: www.dweimer.net/webmail/index.php for 71.86.41.122, 192.168.5.3 MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Tue, 14 Jul 2015 10:53:32 -0500 From: dweimer Cc: freebsd-questions@freebsd.org Organization: dweimer.net Reply-To: dweimer@dweimer.net Mail-Reply-To: dweimer@dweimer.net In-Reply-To: <20150714173504.24b14c3b.ohartman@zedat.fu-berlin.de> References: <20150714123446.3dfc808d@freyja.zeit4.iv.bundesimmobilien.de> <2198a51d3af1d9546e6da2afc70690d9@dweimer.net> <20150714173504.24b14c3b.ohartman@zedat.fu-berlin.de> Message-ID: X-Sender: dweimer@dweimer.net User-Agent: Roundcube Webmail/1.1.2 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 15:53:34 -0000 On 07/14/2015 10:35 am, O. Hartmann wrote: > Am Tue, 14 Jul 2015 09:23:59 -0500 > dweimer schrieb: > >> On 07/14/2015 5:34 am, O. Hartmann wrote: >> > Scenario: >> > >> > A CURRENT box is to mount a share from a windows server 2012r2 machine >> > using >> > autofs(5). >> > >> > Setting up the SHAREs on Windows 2012 side and connecting to those >> > shares via >> > FreeBSD's mount_smbfs(8) manually went smoothly. >> > >> > But when it comes to automated mounting a Windows 2012 share via >> > automounter >> > (autofs) I fail. Autofs is setup using mount_smbfs with the "-N" >> > option. >> > regarding the documentation /etc/nsmb.conf is looked up for an >> > appropriate >> > setup and password=XXXXX field. Cleartext passwords do not work with M$ >> > server >> > 2012r2. Now I'm looking for a way to generate a "Hash" to put it >> > into /etc/nsmb.conf. >> > >> > Some websites tell the hash is NT MD4 hash. generating a md4 hash with >> > FreeBSD's onboard-tools is not possible, as far as i can see. crypt(3) >> > uses the >> > ability to generate a NT hash depending on the mode set for using the >> > appropriate hash algorithm, but I can not see how I could use/misuse >> > passwd or >> > any related onboard tool to emmit a NT hash. >> > >> > Please CC me via email (not subscribing the list) and help and >> > suggestions are >> > highly appreciated. >> > >> >> use: >> smbutil crypt >> > > Thank you for responding. > > I did use smbutil crypt, placed the output in /etc/nsmb.conf (tagged: > password=$$1XXXXXXXX) as suggested by the manpage. > > Manpage of nsmb.conf reports the user's private config file is > ~/nsmb.conf, but having > that file, I get a "no cfg file found" error - it seems the manpage is > wrong. > Having ~/.nsmbrc avoids that error. > > But anyway, only interactive mounting works. No automated one! I use /etc/nsmb.conf [WORKSTATION:DWEIMER] password=$$1... addr=192.168.5.66 then in /etc/fstab # Samba File Systems //dweimer@workstation/Music /smbfs/workstation/Music smbfs rw,late,-N 0 0 //dweimer@workstation/Documents /smbfs/workstation/Documents smbfs rw,late,-N 0 0 //dweimer@workstation/Downloads /smbfs/workstation/Downloads smbfs rw,late,-N 0 0 //dweimer@workstation/Pictures /smbfs/workstation/Pictures smbfs rw,late,-N 0 0 //dweimer@workstation/Videos /smbfs/workstation/Videos smbfs rw,late,-N 0 0 I haven't tried getting it to work under a regular user, but this works great with one exception, it makes booting take forever when it gets to the point it mounts these. Not sure why it takes so long, its fast to access the files when mounted. I have been using this setup for a couple of years to enable access via the Pydio web application on my server to my files from my laptop and iPhone if needed remotely. -- Thanks, Dean E. Weimer http://www.dweimer.net/