samba3upgrade migration results, issues, questions
abartlet at samba.org
Sun May 6 01:25:52 MDT 2012
On Fri, 2012-05-04 at 09:42 +0400, Sergey Urushkin wrote:
> 04.05.2012 04:47, Andrew Bartlett написал:
> > On Thu, 2012-05-03 at 17:26 +0400, Sergey Urushkin wrote:
> >> Andrew Bartlett писал 03.05.2012 16:32:
> >>> What was the original account policy?
> >> sambaMaxPwdAge: 2592000
> > This is the fundemental issue, and attached is a proposed patch. The
> > logs you sent me privately contained the critical clue.
> > The problem is, that this is a 7000 year password expiry. As such, it
> > is a little beyond what times we can print with gmtime(), which breaks
> > down for such large dates.
> > I've put in a clamp on returning and processing password expiry past
> > 2038 for now, as we define TIME_T_MAX to that in for other processing.
> > Please let me know if this solves your issue, so I can push it to
> > master, and I thank you very much for your patience.
> > Andrew Bartlett
> This patch may help in some situations, but I believe there is another
> reason for this issue.
> Here is a part of samba.schema for openldap:
> # "maximum password age"
> attributetype ( 220.127.116.11.4.1.718.104.22.168 NAME 'sambaMaxPwdAge'
> DESC 'Maximum password age, in seconds (default: -1 => never
> expire passwords)'
> EQUALITY integerMatch
> SYNTAX 22.214.171.124.4.1.14126.96.36.199.27 SINGLE-VALUE )
> The key words are "in seconds". So, I think the problem is that
> samba3upgrade uses this value as a number of days, but it should be a
> number of seconds.
> Anyway I'll try you patch to test if it helps with a possible situation
> you described.
Thanks, this is why I'm very glad to be working with you on this. Try
this patch instead.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1540 bytes
Desc: not available
More information about the samba-technical