Forcing Windows Password Change
Andrew Bartlett
abartlet at pcug.org.au
Mon Sep 24 01:14:04 GMT 2001
Thomas E Bruno wrote:
>
> On Sat, 2001-09-22 at 21:45, Andrew Bartlett wrote:
> > Thomas E Bruno wrote:
> > >
> > > I would like to know if there is a way, and how to accomplish this very
> > > simple task:
> > >
> > > Can samba force clients to change thier passwords from windows. Like the
> > > NT way "Your password has expired, please type new password" etc...
> > >
> > > If there is not support, why isn't there? this seems to me to be one
> > > large feature of a PDC!! Especially when removing a winNT/2000 server
> > > and placing a linux/samba server in it's place!
> >
> > I beleive this code is available in Samba 2.2.1a. Simply ensure that
> > unix/samba passwords are kept in sync and that 'enable pam restrictions'
> > is 'yes'. Then just do normal password expiry on your unix accounts,
> > and Samba will enforce this during the domain logon process.
> >
>
> This solution worked to a point. Now it at least tells me bad password (Because the account has been disabled.
> But it does not let the windows machine change the password.
> All that happens is the account expires, and is diabled... the password is not reset.
Is this for file-share connects or domain logons? Last I checked (which
was a while ago), it worked for domain logons. What version of samba
are you using?
When I put this code togeather I was using NT4, and it would pop-up a
dialog box during the domain logon telling me my password was expired
and asking for a new password.
Unfortunetly we can't do this for file-share connects, due to protocol
issues.
Hope this helps,
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Samba Team member, Build Farm maintainer abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list