[Samba] Samba3 + smbldap-tools & smbpasswd

rruegner robert at ruegner.org
Wed Sep 15 13:44:22 GMT 2004

Hi dan which version samba do you use?
a microsoft patch broke password change before samba 3.04
so use the last samba version 3.07
maybe this is short answer

Dan Slatford schrieb:

> I've been fiddling lately with Samba 3 coupled with openldap, nss_ldap,
> pam_ldap and the smbldap-tools to create a PDC.
> Following various examples, most things work, but I have an issue with
> changing passwords from Windows.
> If I manually change a password with smbldap-passwd, the script
> correctly adjusts the sambaPwdMustChange attribute according to what
> defaultMaxPasswordAge is set to.
> If I change the password through Windows, Samba presumably uses
> smbpasswd, because the sambaPwdMustChange attribute is then somehow set
> to only 2 days into the future. The same thing happens if I run
> smbpasswd manually. As a simple hack I even tried symlinking
> /usr/bin/smbpasswd to /use/local/sbin/smbldap-passwd, but samba *still*
> used it's own mechanism, which always ends up in sambaPwdMustChange
> being just a couple of days ahead.
> Meaning of course, if users will ever change their own passwords, the
> ldap record will manually need fixing. Is there a way I can get samba to
> use only the smbldap-passwd script or otherwise fix this so 
> sambaPwdMustChange is set to defaultMaxPasswordAge from the
> smbldap-tools conf file, or at least something further ahead in the
> future than two days?

More information about the samba mailing list