[Samba] Hows samba calculating sambaPwdMustChange?
rauno.tuul at haigekassa.ee
Thu Jan 8 08:50:29 GMT 2004
In latest samba 3 there is a policy setting option:
$ pdbedit -P "maximum password age" -C 7776000
When user changes password, then new sambaPwdMustChange will be calculated
based on policy. My policy is 90 days. works just fine.
2147483647 is just a value in far future (year 2030 or something), meaning
that user doesn't have to change his password.
Another way is to set value in smbldap-tools (latest version needed
(included in samba 3.0.1 package).
# Default password validation time (time in days) Comment the next line if
# you don't want password to be enable for $_defaultMaxPasswordAge days (be
# careful to the sambaPwdMustChange attribute's value)
$_defaultMaxPasswordAge = 90;
When using 'smbldap-passwd.pl username' password will be changed and needed
sambaPwdMustChange will be set.
Third way is to change value manually in LDAP base with ldap-modify.
> -----Original Message-----
> From: Beast [mailto:indorama at rad.net.id]
> When samba password has been expired, user are force to
> change their password from client WS.
> Samba will modify sambaPwdMustChange attribute and the value
> seems always "2147483647", this not happen when changin
> password with smbpasswd.
> >From where samba calculate value for "sambaPwdMustChange"?
> is it constant?
> Is it possible to specify different value?
More information about the samba