problem with solved

Nadezhda Ivanova nivanova at
Tue Jun 29 08:31:12 MDT 2010

Hi Matthias,
I like your idea of handling this in some common way for all password tests,
but I can't get into this very soon, I would really like to get the pending
ACL stuff done. Trouble is, there always appears to be something more to do.
For example, I found out I will have to handle the Unexpire-Password
similarly to the password change stuff, it turns out there is something like
that as well :). The fastest solution is to warn people about it somehow...


On Tue, Jun 29, 2010 at 5:04 PM, Matthias Dieter Wallnöfer <mdw at>wrote:

> Hi Nadya,
> you can propose such a patch - but keep in mind: also the SAMR password
> tests would need a change in order to pass on an unconfigured Windows
> Server. I think: either all password tests integrate such a mechanism - or
> we remind the user to set it manually. Since I don't like to have a halfway
> solution.
> Sorry - I've really forgotten to tell it (it's some time back when I
> changed this) - we do always have "minPwdAge" set to "0" in order to perform
> the password tests. This is also one important difference which we could
> have noticed if we would have looked into Zahari's AD outputs :).
> Matthias
> Nadezhda Ivanova wrote:
>> Hi Matthias,
>> With Kamen's help, we determined that the reason the tests was not passing
>> in my environment is that it appears by default minPwdAge is set to one day.
>> therefore we simply cannot change the user password several times in one
>> second, and get constraint violation. So it turns out, we have to set/reset
>> minPwdAge as well at the beginning and end of the testsuite to avoid the
>> kind of problems I had. I'll do this in to handle the negative tests,
>> and if you don't mind will add the same to We should not
>> forget, however, that this means that Samba 4 does not take minPwdAge into
>> account the same way Windows does, which is maybe a bug...
>> Regards,
>> Nadya

More information about the samba-technical mailing list