We upgraded the OS of our Active Directory server to Windows 2012. On a linux computer, we use a script to obtain an account's hashed password, using the ldapsearch command. (We request the msSFU30Password attribute.)
The script works fine for any account that was created before the new server was installed. For new accounts, no password is returned! What can I do to make this possible again? Thanks.
From what I can find, the msSFU30Password attribute (and associated password syncing to the regular userPassword attribute) was originally supplied by part of the "Services for Unix" package, called Identity Management for UNIX.
It's possible that this is not configured on new installs/upgrades to Windows 2012 because it's now considered deprecated. (I could not find any information about what is supposed to replace it).
If it's not already enabled/configured trying doing so using Dism.exe:
Install the admin tools:
Dism.exe /online /enable-feature /featurename:adminui /all
Install Server for NIS:
Dism.exe /online /enable-feature /featurename:nis /all
Install Password Sync:
Dism.exe /online /enable-feature /featurename:psync /all
