[Samba] Password expiry
Andrew Bartlett
abartlet at samba.org
Fri Oct 25 08:59:01 GMT 2002
fred pasteck wrote:
>
> Hi all,
>
> I am running samba-2.2.6 on RH62 providing local
> workgroup shares for a mixture of 98/NT/2000/XP
> clients. I'd like to configure samba to somehow detect
> when a password is expired and pop up a box on the
> client workstation to require users to change their
> password.
>
> Is this possible? Does it work on all of 98/NT/2000/XP
> machines?
>
> I've tried various /usr/bin/passwd command-line
> arguments to actually expire someone's password, but
> that also doesn't seem to work. It seems to get
> ignored entirely.
>
> Can someone with more experience than myself provide
> the information necessary to make this happen?
OK - the only way to do this in 2.2 is to setup 'unix passwd sync',
'obey pam
restrictions' and the pam config file. Naturally you need --with-pam,
and it only really works properly for NT and Win2k/XP.
The idea is that we pass the idea off to PAM. This works, as long as
PAM knowns to 'expire' the password. If it's not in sync, then it won't
make any sense. In any case, this is all implmented nativly in 3.0,
which will work with Win9X too.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list