Preventing users from changing password
abartlet at samba.org
Wed Jul 10 16:27:01 GMT 2002
Patrick McCarty wrote:
> Hi all,
> I'm attempting to prevent our users from changing their passwords from
> Windows XP specifically.
> I've tried settings acctflags in LDAP to:
> acctFlags: [UPX ]
> (P for cannot change password)
There is no 'P' option.
> and i've set:
> pwdCanChange: 2147483647
> pwdMustChange: 2147483647
> Unfortunately, XP isn't honoring these fields.
> What's the trick?
Not supported in Samba yet.
The 'user cannot change password' is implmented in NT as an ACL on the
user. We don't have ACL support for this yet - dicussions are just
starting on a new SAM subsystem with such features.
PasswordCanChange is also not yet implemented, but I'll take patches (to
HEAD) to improve that support.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical