[Samba] Strange behaviour of samba-3.0.2rc2
Andrew Bartlett
abartlet at samba.org
Tue Feb 10 07:42:34 GMT 2004
On Tue, 2004-02-10 at 02:42, Nishant Sharma wrote:
> Hi!
>
> On comparing the LDAP attributes of the users whose passwd I had reset and
> of those I didn't, I observed that when the value of the following
> three attributes are set to '0'(zero) for a user, he was not able to
> login:
> sambaPwdLastSet
> sambaPwdCanChange
> sambaPwdMustChange
>
> In Samba-3.0.0-2, if these values were set to 0, the user was prompted to
> change his password at the time of first logon saying that his password
> has expired. But with Samba-3.0.2rc2, login was not possible. Only on
> removing these three attributes or resetting their values, which is done
> by 'smbpasswd', logins were possible.
>
> It would be helpful if someone could enlighten me on this issue. Thanks in
> advance.
Quite correct. If the password was last set in 1970, then we consider
that it might be a bogus password (see the security annoucement about
mksmbpasswd.sh for 3.0.2).
Either do not set that attribute, or set it to a valid value.
(The other values are unaffected).
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040210/8cb4e6d1/attachment.bin
More information about the samba
mailing list