smbpasswd enables a closed account.
William Jojo
w.jojo at hvcc.edu
Wed Mar 25 17:15:28 GMT 2009
I have been beating my head against the wall on this one.
smbpasswd run as "joeuser" removes the D flag making it an open account
on our windows machines.
It appears that smbpasswd sets remote_host to "127.0.0.1" so that
remote_password_change() is called, but no flags are passed, so how does
Samba remove the D flag?
I don't want it removed since we use a secure web page to do a call to
smbpasswd to set all password hashes in LDAP based on a new password. We
would not not want it enabled unless a specific record comes from
another source (at which point we would use the "-e" option. Since the
passwords are used for other services as well, we desire to keep them in
sync until a user is allowed to use Samba at a later date.
My ability to follow the code ends when I get to the
rpccli_samr_chgpasswd_user2() call in libsmb/passchange.c and it go as
far down as rpccli_samr_ChangePasswordUser2() then I don't really follow
anymore... :-/
Any ideas?
Cheers,
Bill
More information about the samba-technical
mailing list