RFC: Add some functionality to net ads changetrustpw

Noel Power NoPower at suse.com
Wed Nov 13 14:26:41 UTC 2019


I have a patch here resulting from a customer request where they wish to
be able to periodically run a command to trust pw after a number of days
has expired (so something they can run in cron job) The would be
something similar to what winbind does with 'machine password timeout'
param. So this is something to be used when winbind isn't used.

I have modified 'net ads changetrustpw' to take an optional param
'expire_days=age' where age is number of days old the password has to be
before being changed. In other words if the last time the trustpw was
changed was 10 days ago then

a) 'net ads changetrustpw expire_days=12' 

b) 'net ads changetrustpw expire_days=5'

c) 'net ads changetrustpw'

a) won't update the trustpw because the password is not yet 12 days old

b) will update the password because the password is older than 5 days old

c) will update the password immediately (as before)

I attach patches here,

pipeline https://gitlab.com/samba-team/devel/samba/pipelines/95618404



-------------- next part --------------
A non-text attachment was scrubbed...
Name: changetrustpw.patch
Type: text/x-patch
Size: 7271 bytes
Desc: changetrustpw.patch
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20191113/50fb6bfc/changetrustpw.bin>

More information about the samba-technical mailing list