[Samba] Forcing Password Changes
mbarnes at hcjb.org
Thu Nov 17 20:31:24 GMT 2005
I'm using samba-3.0.10-1.4E.2
I found how to change the maximum age,
[root][WRN3:~]> pdbedit -P "maximum password age" -C 180
account policy value for maximum password age was 90
account policy value for maximum password age is now 180
But I still can't seem to change anything in the individual user parameters.
Also, I see that the bad password counter does not increment when the
user fails to log in. I purposefully used about ten bad passwords in a
row and nothing showed up in "pdbedit -L -v <user>".
Craig White told me on 11/17/2005 14:05:
> On Thu, 2005-11-17 at 13:46 -0600, Michael Barnes wrote:
>>Actually two issues on this subject. Migrating to a new system. First,
>>I want to set all accounts so when the user logs in the first time, he
>>is asked to set a new password.
>>Second, I need to have passwords expire and require a change every 3 months.
>>As I understand it, First, I need to set "Password must change: " to
>>'0'. For the second one, I need to set the maximum password age.
>>I am using the tdbsam password backend. The command I found to reset
>>the password was "pdbedit --pwd-must-change-time=0 -u <user>". When I
>>run this, I get a response of "<user>:507:<Real Name>". However, after
>>looking at it with "pdbedit -L -v <user>" Nothing changes.
>>I also cannot find anywhere to change the password maximum age.
> samba version? As I recall, this wasn't implemented immediately in
> Samba 3.0.0 but somewhere down the road.
More information about the samba