pdb_ldap kickoffTime default

Andrew Bartlett abartlet at pcug.org.au
Mon Mar 25 13:12:02 GMT 2002


metzemix at gmx.de wrote:
> 
> I have tested samba-3.0-alpha17, I used the pdb_ldap SAM backend.
> 
> When I tried to connect to a samba share. I got an error:
> in the log something like this
> 
> account for user test has expired!
> 
> kickoffTime has unix timestamp 1001!!
> 
> But there no entries for
> logonTime,logoffTime,kickoffTime,pwdMustChange,pwdCanChange in my ldap entry for user test. when I add the attribute
> kickoffTime=0.
> 
> Then I got :
> account for user test password must change or something like this.
> 
> I add pwdMustChange=0.
> 
> and I have no problems!!!:-)
> the value 1001 for kickoffTime is the value of the primaryGroupID attribute,
> I tested it for a view users...
> 
> I wrote a patch to set the defaults timestamps when there are no attributes
> in the ldap entry.
> 
> logonTime=0
> pwdCanChange=0
> pwdMustChange=get_time_t_max();
> logoffTime=get_time_t_max();
> kickoffTime=get_time_t_max();

Nice catch!  I'll apply this shortly.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba-technical mailing list