[Samba] Posted this question once already -- no response. Password expiry problem

[ray klassen]

Solved this problem 


<gentle rant>
This is precisely the sort of question that should be answerable on this list. 

Has no one run into this before? 

I've brought it up twice here and several times on the irc channel with no response, but the solution was simple enough
</gentle rant>

anyway here it is. So that it goes in the mailing list and others can find it.

/etc/smbldap-tools/smbldap.conf includes a line that says 

defaultMaxPasswordAge="45" 

This affects the sambaPwdMustChange date stamp attribute in the ldap user record at the time smbldap-passwd is run.

sambaPwdMustChange appears to trump the user "X" flag and the maximum password age system policy


Maybe that's the nature of the samba 3.x beast. 

Maybe it has to be that way if you are using LDAP. 
Now that Samba 4 is out probably no one will want to comment on that.




----- Original Message -----
From: ray klassen <julius_ahenobarbus at yahoo.co.uk>
To: "samba at lists.samba.org" <samba at lists.samba.org>
Cc: 
Sent: Monday, 14 January 2013, 10:06
Subject: [Samba] Posted this question once already -- no response. Password expiry problem

A user with the X (password doesn't expire) flag on his account was forced to change his password because it expired on a system with 


pdbedit -P'maximum password age'

account policy "maximum password age" description: Maximum password age, in seconds (default: -1 => never expire passwords)

What's going on? why is samba ignoring this and expiring passwords anyways?

samba Version: 2:3.6.3-2ubuntu2.3 on ubuntu Precise

But I'm having the same issue with whatever version of samba is current on debian squeeze.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba