shadowAccount
Steve Langasek
vorlon at netexpress.net
Tue Aug 6 11:04:01 GMT 2002
On Tue, Aug 06, 2002 at 07:15:31PM +1000, Andrew Bartlett wrote:
> Bartlomiej Solarz-Niesluchowski wrote:
> > Good Morning!
> > When Samba will use informations in shadowAccount?
> > e.g.:
> > shadowLastChange: 11898
> > shadowMax: 90
> > shadowWarning: 14
> > shadowInactive: 14
> These apply to the 'shadow' password, which is not always the same as
> Samba password.
> > Or when samba will use PAM for such things?
> Samba 2.2 and 3.0 will honer those valuea via PAM, when so configured.
> > Currently I have setup batch which test above informations and changes it
> > with smbpasswd -e (-d), but this solution is far from perfect.
> Most of these have 'nt' equivilants that Samba uses.
> That said, it would be useful to be able to use these existing
> attributes. Unfortunetly the 'shadow' system has a granularity in days,
> while NT uses seconds (actually 100'th of a second I think, but we
> convert to time_t). It is this kind of 'not quite compatibility' that
> makes this difficult.
As a result, it may be more practical to teach the rest of the Unix
system to use the finer-grained attributes. I believe pam_smbpass can
do this, when pointed at an LDAP backend.
Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020806/1fd4f29b/attachment.bin
More information about the samba-technical
mailing list