samba4 and password expiration
Andrew Bartlett
abartlet at samba.org
Mon Sep 29 02:45:26 GMT 2008
On Thu, 2008-09-25 at 23:40 +0400, Matthieu Patou wrote:
> On 25.09.2008 21:20, Andrew Bartlett wrote:
> > On Thu, 2008-09-25 at 21:14 +0400, Matthieu Patou wrote:
> >> Dear all,
> >>
> >> It seems that the current password expiration for samba4 is around 42
> >> days is there a way to change this value (parameter in smb.conf, ldb
> >> file or even recompilation) ?
> >
> > This would be by setting the maxPwdAge in the domain DN, or the
> Exactly ... found it, it can be modified with ldbedit -H users.ldb and
> it must be in tenth of microsecond and negative number.
>
> > UF_DONT_EXPIRE_PASSWD flag onto the user (using the setup/setexpiry)
> > tool.
> I didn't know about this but I know that it is possible through the AD
> manager of Microsoft (as spotted in the Samba Wiki).
>
> It seems that with a Windows 2003/2008 server you can do this through
> global policy editor, is it plan to do something that either replace
> this tool or (as it is still usefull for defining policies for the
> workstations) to read the files into var/locks/policies and replicate
> the change into samba's ldap ?
One of the big tasks remaining is to create a tool capable of applying
the Group Policy definitions to Samba itself, rather than just to
clients.
It would be good to also have a non-Microsoft Group Policy editor.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080928/e967f82a/attachment.bin
More information about the samba-technical
mailing list