[Samba] sambaPwdMustChange not properly set with smbldap

lucarasp at inwind.it lucarasp at inwind.it
Wed Sep 29 09:49:51 GMT 2004

I'm using samba 3.0.6 on fedora core 1 with LDAP enabled and smbldap-tools.

When I change a user password with smbldap-passwd <username>, I find that the
sambaPwdMustChange attribute is correctly set to 30 days later as set in

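But if I try to change the password from any Win2000 or WinXP client with
CTRL+ALT+CANC --> CHANGE PASSWORD, I notice that the sambaPwdMustChange attribute is
always set to 2147483647 (2^31 - 1, the largest 32-bit signed timestamp, so the
password effectively never has to be changed).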

I have tried different setups in smb.conf but nothing has changed.

Here is last config.....

   # smb.conf settings as posted (Samba 3.0.6, LDAP passdb managed with smbldap-tools).
   # The section header is not part of the excerpt; presumably these are [global] settings.
   security = user
  # password level only applies to plain-text passwords; with
  # "encrypt passwords = yes" below it has no effect.
  password level = 8
  username level = 8
  encrypt passwords = yes
  smb passwd file = /etc/samba/smbpasswd
  # Two backends are listed: the LDAP directory first, then the flat smbpasswd file.
  # NOTE(review): confirm the smbpasswd fallback is wanted; accounts left in that
  # file are not covered by the LDAP password-expiry attributes.
  passdb backend = ldapsam:"ldap://localhost" smbpasswd
  ldap suffix = dc=myfactory,dc=mycountry
  # Samba binds to the directory as this DN; its password is stored locally
  # (set with "smbpasswd -w"), so the local secrets store needs root-only access.
  ldap admin dn = cn=Manager,dc=myfactory,dc=mycountry
  # LDAP traffic, including the admin bind, is sent unencrypted. The backend above
  # points at localhost, which limits exposure; for a remote directory server
  # use "ldap ssl = start tls" instead.
  ldap ssl = no
  ldap group suffix = ou=Group
  ldap machine suffix = ou=Machine
  ldap user suffix = ou=People
  # passwd program / passwd chat are only used when "unix password sync = yes",
  # which is commented out below, so smbldap-passwd.pl is not run for password
  # changes coming from Windows clients.
  # NOTE(review): that would explain why the expiry set by smbldap-passwd is not
  # applied on client-initiated changes - confirm against the smbd log.
  passwd program = /usr/local/sbin/smbldap-passwd.pl -u %u
  passwd chat = *new*password* %n\n *Retype*new*password* %n\n *successfully*
  # Writes the passwd chat dialogue, including the plain-text passwords, to the
  # smbd log at high debug levels. Keep it on only while debugging, then set it
  # back to "no" and remove the affected log files.
  passwd chat debug = yes
  #unix password sync = Yes
  # On a password change Samba also updates the LDAP password attribute
  # together with the NT/LM hashes.
  ldap passwd sync = yes
  # Users listed here perform all file operations as root on the shares this
  # applies to; keep the list as short as possible.
  admin users = root, administrator
  # NOTE(review): every script below calls smbldap-useradd.pl, including the
  # delete ones, and the "add user to group" and "delete user from group" lines
  # are identical. No %u/%g substitution appears in the lines as posted.
  # Confirm these against the scripts actually installed.
  add user script = /usr/local/sbin/smbldap-useradd.pl -a
  delete user script = /usr/local/sbin/smbldap-useradd.pl -d
  add group script = /usr/local/sbin/smbldap-useradd.pl -a -g
  delete group script = /usr/local/sbin/smbldap-useradd.pl -d -g
  add user to group script = /usr/local/sbin/smbldap-useradd.pl -j -u
  delete user from group script = /usr/local/sbin/smbldap-useradd.pl -j -u
  set primary group script = /usr/local/sbin/smbldap-useradd.pl -m -u
  add machine script = /usr/local/sbin/smbldap-useradd.pl -a -m
  # Earlier variant using the system passwd program, left disabled.
#  unix password sync = Yes
#  passwd program = /usr/bin/passwd %u
#  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n

Any idea?




