[Samba] Password expiry

Andrew Bartlett abartlet at samba.org
Fri Oct 25 08:59:01 GMT 2002


fred pasteck wrote:
> 
> Hi all,
> 
> I am running samba-2.2.6 on RH62 providing local
> workgroup shares for a mixture of 98/NT/2000/XP
> clients. I'd like to configure samba to somehow detect
> when a password is expired and pop up a box on the
> client workstation to require users to change their
> password.
> 
> Is this possible? Does it work on all of 98/NT/2000/XP
> machines?
> 
> I've tried various /usr/bin/passwd command-line
> arguments to actually expire someone's password, but
> that also doesn't seem to work. It seems to get
> ignored entirely.
> 
> Can someone with more experience than myself provide
> the information necessary to make this happen?

OK - the only way to do this in 2.2 is to setup 'unix passwd sync',
'obey pam 
restrictions' and the pam config file.  Naturally you need --with-pam,
and it only really works properly for NT and Win2k/XP.

The idea is that we pass the idea off to PAM.  This works, as long as
PAM knowns to 'expire' the password.  If it's not in sync, then it won't
make any sense.  In any case, this is all implmented nativly in 3.0,
which will work with Win9X too.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net



More information about the samba mailing list