[Samba] Password about to expire -- Turn Windlows Client Password Ageing Off?

Steven Mackenzie sjm at activenavigation.com
Fri Feb 22 05:50:21 GMT 2002

I have a Domain controlled by a (Samba 2.2.2 upgraded to) Samba 2.2.3a PDC,
unix password sync = yes

The PDC (on a Mandrake Linux 8.X box) does not use password ageing, and we
don't want password ageing on our network.

We have a mix of Windows 98, NT4 and 2000 client workstations.

Unfortunately, some of the Windows 2000 users who log in to the domain have
complained that Windows is insisting that they must change their domain
password, and also that the interval given until expiry seems to change at

If they do chose to do change the password, then things will usually carry
on with no problem. Also, the workstation "Local Security Settings" (Control
Panel>Administrative tools>Local Security Settings/Local Policies/Security
Options/Prompt user to change password ...) can be edited so that no warning
is displayed, although I've been told that the machine may suddenly insist
on a password change later.

Is there any way to specify from the Samba PDC that there is no expiry
period for the password?

Also, a minor problem can occur with the password changing/synchronising: if
the new password is too simple (eg a dictionary word) then it will be
rejected by the Linux server. This is reported to the user as "The user name
or old password was incorrect ..." Is it possible to make this message less

Is this fixable?

Thanks for any help,

Steven Mackenzie
Active Navigation Ltd
+44 (0) 23 8074 2420
sjm at activenavigation.com

More information about the samba mailing list