[Samba] D flag at sambaAcctFlags

Gerald (Jerry) Carter jerry at samba.org
Tue Nov 15 16:16:29 GMT 2005

Hash: SHA1

guilhermemtorresbase-lista at yahoo.com.br wrote:
> Hello,
> I have a server with Samba(3.0.13-1.1)/OpenLDAP and
> sometimes my users get a D flag at sambaAcctFlags.
> There are some users that don´t have all the samba
> attributes yet.
> I would like to know why it happens. Which
> actions/attributes can tell to samba turn de D flag
> on?

Please read the release notes for 3.0.2a.  User's without
a valid sambaPwdLastSet time are disabled.

******************* Attention! Achtung! Kree! *********************

Beginning with Samba 3.0.2, passwords for accounts with a last
change time (LCT-XXX in smbpasswd, sambaPwdLastSet attribute in
ldapsam, etc...) of zero (0) will be regarded as uninitialized
strings.  This will cause authentication to fail for such
accounts.  If you have valid passwords that meet this criteria,
you must update the last change time to a non-zero value.  If you
do not, then  'pdbedit --force-initialized-passwords' will disable
these accounts and reset the password hashes to a string of X's.

******************* Attention! Achtung! Kree! *********************

cheers, jerry
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"There's an anonymous coward in all of us."               --anonymous
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the samba mailing list