[Samba] password aging
Andrew Bartlett
abartlet at samba.org
Wed Feb 19 23:12:03 GMT 2003
On Thu, 2003-02-20 at 07:11, joe.morin at dominiondiagnostics.com wrote:
>
>
>
>
> What are my options for implementing password aging using samba as my PDC ?
> I can set the users Linux password to expire, but it doesn't seem to
> propagate to their samba passwords.
> I absolutely need this functionality. Is OpenLDAP the answer?
If you set 'obey pam restrictions = yes' and setup the correct PAM
configuration files, then Samba will also honer this. You should also
set 'unix password sync = yes' and 'pam password change yes' so that the
password changes update the PAM backend too.
Or move to Samba 3.0 (currently alpha) and use the pdb_ldap backend to
store your passwords, which fully supports password expiry, based on our
own 'pwdMustChange' attribute.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030220/c717cfdf/attachment.bin
More information about the samba
mailing list