[Samba] Strange behaviour of samba-3.0.2rc2
Nishant Sharma
nishant at deeproot.co.in
Tue Feb 10 10:08:24 GMT 2004
Andrew Bartlett wrote:
>On Tue, 2004-02-10 at 02:42, Nishant Sharma wrote:
>
>
>>On comparing the LDAP attributes of the users whose passwd I had reset and
>>of those I didn't, I observed that when the value of the following
>>three attributes are set to '0'(zero) for a user, he was not able to
>>login:
>>sambaPwdLastSet
>>sambaPwdCanChange
>>sambaPwdMustChange
>>
>>In Samba-3.0.0-2, if these values were set to 0, the user was prompted to
>>change his password at the time of first logon saying that his password
>>has expired. But with Samba-3.0.2rc2, login was not possible. Only on
>>removing these three attributes or resetting their values, which is done
>>by 'smbpasswd', logins were possible.
>>
>Quite correct. If the password was last set in 1970, then we consider
>that it might be a bogus password (see the security annoucement about
>mksmbpasswd.sh for 3.0.2).
>
>Either do not set that attribute, or set it to a valid value.
>
>(The other values are unaffected).
>
>
Hmm.. that means I've to set it right at the time off adding users :).
Thanks a lot.
But if i wish to force the users to change the password as soon as they
login for
first time, is there any way round for this?
regards,
Nishant
More information about the samba
mailing list