samba4 and password expiration
abartlet at samba.org
Fri Oct 17 05:18:04 GMT 2008
On Thu, 2008-09-25 at 23:40 +0400, Matthieu Patou wrote:
> On 25.09.2008 21:20, Andrew Bartlett wrote:
> > On Thu, 2008-09-25 at 21:14 +0400, Matthieu Patou wrote:
> >> Dear all,
> >> It seems that the current password expiration for samba4 is around 42
> >> days is there a way to change this value (parameter in smb.conf, ldb
> >> file or even recompilation) ?
> > This would be by setting the maxPwdAge in the domain DN, or the
> Exactly ... found it, it can be modified with ldbedit -H users.ldb and
> it must be in tenth of microsecond and negative number.
> > UF_DONT_EXPIRE_PASSWD flag onto the user (using the setup/setexpiry)
> > tool.
> I didn't know about this but I know that it is possible through the AD
> manager of Microsoft (as spotted in the Samba Wiki).
> It seems that with a Windows 2003/2008 server you can do this through
> global policy editor, is it plan to do something that either replace
> this tool or (as it is still usefull for defining policies for the
> workstations) to read the files into var/locks/policies and replicate
> the change into samba's ldap ?
That's pretty much the idea - Samba clearly needs to be a group policy
client at some point (soon).
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20081017/b8d26da0/attachment.bin
More information about the samba-technical