[SAMBA4] Help wanted: utility to set password properties
Johannes
johannes_samba at aon.at
Mon Feb 2 18:23:03 GMT 2009
hi andrew,
i already made some tests with python and samba4,
but on my last question on RPC & LSA-strings nobody I got no answere.
anyway, the script you are talking about should work only as user root
by manipulating the LDAP entries on the server.
is this correct?
my passwd-change i tested first (for smbpasswd replacement in samba4)
was also working in the way, but of couse only with user root.
with changing entries on the LPAD i think i could handle it,
it this what you think about?
BR johannes
> Samba4 needs a small python script, and I figured I might as well ask
> the list to write it :-)
>
> We currently have utilities in source4/setup such as newuser,
> setpassword and setexpiry.
>
> However, we need a utility to manipulate the password properties, such
> as minPwdAge, maxPwdAge, minPwdLength and pwdProperties. These are
> found in the basedn of the domain (ie DC=samba,DC=org).
>
> pwdProperties in particular is a bitmask, defined as:
>
> /* password properties flags */
> typedef [public,bitmap32bit] bitmap {
> DOMAIN_PASSWORD_COMPLEX = 0x00000001,
> DOMAIN_PASSWORD_NO_ANON_CHANGE = 0x00000002,
> DOMAIN_PASSWORD_NO_CLEAR_CHANGE = 0x00000004,
> DOMAIN_PASSWORD_LOCKOUT_ADMINS = 0x00000008,
> DOMAIN_PASSWORD_STORE_CLEARTEXT = 0x00000010,
> DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020
> } samr_PasswordProperties;
>
> I need a new script to make it easier for administrators to set their
> domain to not enforce complex passwords (in particular), and to set the
> other flags.
>
> Thanks,
>
> Andrew Bartlett
> --
> Andrew Bartlett
> http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Red Hat Inc.
>
More information about the samba-technical
mailing list