"Password must change" versus sambaPwdMustChange attribute

Jim McDonough jmcd at themcdonoughs.org
Thu May 24 11:31:40 GMT 2007


On 5/24/07, Jim McDonough <jmcd at samba.org> wrote:
>
> On Thu, May 24, 2007 at 10:28:05AM +0200, Bartlomiej Solarz-Niesluchowski
> > wrote:
> > > on 3.0.25 it looks different:
> > > - "maximum password age" has bigger precedence then sambaPwdMustChange
> >
> Yes, this is the key part: we are now doing it correctly, and we weren't
> before.  If you need to force it for a single user, then choose a password
> last set time accordingly (zero would be fine to force it now).
>

I should clarify what this means: the user info field that says "password
must change" is not actually a SAM attribute, it's dynamically calculated as
Volker pointed out.  The user info structures do not map 1:1 to the SAM
fields, though in earlier versions we'd made that incorrect assumption.
Sorry for the change now, but it's now working correctly.


-- 
-------------------
Jim McDonough
Samba Team
jmcd at samba dot org


More information about the samba-technical mailing list