[Samba] Samba Password Expiry Date
spu at corman.be
spu at corman.be
Thu Jun 2 08:30:46 GMT 2005
Normally for compute the value must be set :
nb days * 24 * 60 * 60
* 24 for 24 hours
* 60 for minutes
* 60 for secondes
ex : for 60 days : 5184000
-----------------------------------
Stéphane PURNELLE stephane.purnelle at corman.be
Service Informatique Corman S.A. Tel : 00 32 087/342467
samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur
02/06/2005 10:15:01 :
> Matthias Spork wrote:
>
> > Hello,
> >
> > > so, i am seeking the solution making the password expiry feature
> > > avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks.
> >
> > the password expires in Unix and Samba.
> >
> > Samba does all changes for itself. You can set password-age to 60 days
> > by typing:
> >
> > #> pdbedit -P "maximum password age" -C 5007600
> >
> > For Linux you have to change "shadowlastchange" in LDAP. I wrote a
> > script for this:
> >
> > smb.conf:
> > #---------------------------------------------------------
> > unix password sync = yes
> > passwd program = /etc/samba/scripts/ldap_userPassword_change %u
> > passwd chat = *New*password* %n\n *new*password* %n\n *Success*
> > #---------------------------------------------------------
> >
> > /etc/samba/scripts/ldap_userPassword_change:
> > #---------------------------------------------------------
> > #!/bin/sh
> >
> > LDAP_SERVER="ldapserver"
> > LDAP_USER="uid=userPassChange,o=mydomain,c=com"
> > LDAP_PASS="secret"
> > LDAP_PASSWD="/usr/bin/ldappasswd"
> > LDAP_MODIFY="/usr/bin/ldapmodify"
> >
> > #DN of User
> > USER_DN="uid=$1,ou=users,o=mydomain,c=com"
> >
> > #Get Date
> > TS=`date +%s`
> > SLC="$(($TS/24/3600))"
> >
> > #-> MODIFY userPassword
> > $LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN
> >
> > #-> MODIFY shadowlastchange
> > if [ $? -eq 0 ]; then
> > echo "dn: $USER_DN
> > changetype: modify
> > replace: shadowLastChange
> > shadowLastChange: $SLC" | $LDAP_MODIFY -x -h $LDAP_SERVER -D
> > $LDAP_USER -w $LDAP_PASS >/dev/null 2>&1
> > fi
> >
> > exit
> > #---------------------------------------------------------
> >
> > kind regards
> > Matthias
> >
> >
> > Hiu Yen Onn schrieb:
> >
> >> Hi,
> >>
> >> i have configured a Samba PDC based on idealx.org.
> >> now, whenever i set the sambaMustChangePassword flag to 0, then
> >> from the subsequent logon, there is a popup urge me for changing
> >> password.
> >> now, the problem is after i have changed the password, the
> >> sambaMustChangePassword
> >> is set to 2147483647(unix timestamp), which if i converted it into
> >> human readable format, it will be 2038 year, bla..bla..and bla
> >> second. it is really unbelieveable that my password will be lasted
> >> until year 2038 year??? i have looked thoroughly on the internet
> >> resources, some mentioning about on defaultMaxPasswordAge flag. I
> >> think i have set it to 55 (actually, i dunno whether what is the
> >> quantity representing, day?? time??). but, i have no point to make it
> >> works.
> >>
> >> so, i am seeking the solution making the password expiry feature
> >> avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks.
> >>
> >> Cheers,
> >> yenonn
> >
> >
> >
> how can u calculate the 5007600. thanks....
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list