"Password must change" versus sambaPwdMustChange attribute
jmcd at themcdonoughs.org
Thu May 24 11:31:40 GMT 2007
On 5/24/07, Jim McDonough <jmcd at samba.org> wrote:
> On Thu, May 24, 2007 at 10:28:05AM +0200, Bartlomiej Solarz-Niesluchowski
> > wrote:
> > > on 3.0.25 it looks different:
> > > - "maximum password age" has bigger precedence then sambaPwdMustChange
> Yes, this is the key part: we are now doing it correctly, and we weren't
> before. If you need to force it for a single user, then choose a password
> last set time accordingly (zero would be fine to force it now).
I should clarify what this means: the user info field that says "password
must change" is not actually a SAM attribute, it's dynamically calculated as
Volker pointed out. The user info structures do not map 1:1 to the SAM
fields, though in earlier versions we'd made that incorrect assumption.
Sorry for the change now, but it's now working correctly.
jmcd at samba dot org
More information about the samba-technical