[Samba] D flag at sambaAcctFlags

guilhermemtorresbase-lista at yahoo.com.br guilhermemtorresbase-lista at yahoo.com.br
Fri Nov 18 10:46:30 GMT 2005 

Cybionet,

I know that, but something is setting the D flag
automatically at my Samba/OpenLDAP server and I can't
continue removing the D flag every day for some users.

Thanks anyway

--- Cybionet <cybionet at videotron.ca> escreveu:

> D flag in sambaAcctFlags meens that your user is
> disable, just remove the "D" to activate your user.
> 
> D: Disable
> U: User
> W: Workstation
> X: password never eXpire
> 
> >Hello Gerald,
> >
> >after your explanation, I added the attribute
> >"sambaPwdLastSet" to all my users with a non-zero
> >value, but I still getting the "D" flag at
> >sambaAcctFlags.
> >
> >Do you know which log level I must use in OpenLDAP
> to
> >try to see when the server turns on the D flag? I
> will
> >copy two ldif´s of my user´s to help you understand
> >the problem.
> >
> >This user tryed do logon after I inserted the
> >sambaPwdLastSet attribute.
> >---------
> ># User 1: uid=dlc,ou=Users,dc=grad,dc=br 
> >dn: uid=dlc,ou=Users,dc=grad,dc=br
> >objectClass: posixAccount
> >objectClass: inetOrgPerson
> >objectClass: shadowAccount
> >objectClass: sambaSamAccount
> >uid: dlc
> >cn: Diogo Costa
> >sn: Solari
> >uidNumber: 287
> >gidNumber: 127
> >gecos: Diogo Costa
> >shadowLastChange: 13012
> >shadowMax: 99999
> >shadowWarning: 7
> >sambaSID:
> >S-1-5-21-3890934015-1816655379-4264717526-1574
> >homeDirectory: /export/home/dlc
> >loginShell: /bin/bash
> >sambaAcctFlags: [DU         ]
> >sambaLMPassword: B261D7CB831A55D1AAD3B435B51404EE
> >sambaNTPassword: 3BD3653953CD04F6D0D249CA4B3A9F3D
> >sambaPwdLastSet: 1132249024
> >sambaPwdMustChange: 1136137024
> >userPassword: {SSHA}8HtN9WhAQ491H8GWqrlpwEMw3BNC
> >----------
> >
> >----------
> >This user don´t have some samba attributes yet, but
> >got the D flag   and didn´t try to logon after the
> >insertion of the sambaPwdLastSet
> ># User 2: uid=east,ou=Users,dc=grad,dc=br
> >dn: uid=east,ou=Users,dc=grad,dc=br
> >objectClass: posixAccount
> >objectClass: inetOrgPerson
> >objectClass: shadowAccount
> >objectClass: sambaSamAccount
> >uid: east
> >cn: Evandro Souza
> >sn: Souza
> >userPassword: {crypt}WP9DoLbxvCRMP
> >uidNumber: 124
> >gidNumber: 127
> >gecos: Evandro Souza
> >shadowLastChange: 13012
> >shadowMax: 99999
> >shadowWarning: 7
> >sambaSID:
> >S-1-5-21-3890934015-1816655379-4264717526-1248
> >homeDirectory: /export/home/east
> >loginShell: /bin/bash
> >sambaPwdLastSet: 1130851923
> >sambaAcctFlags: [DU         ]
> >-----------
> >
> >Thanks a lot.
> >
> >--- "Gerald (Jerry) Carter" <jerry at samba.org>
> >escreveu:
> >
> >  
> >
> >>-----BEGIN PGP SIGNED MESSAGE-----
> >>Hash: SHA1
> >>
> >>guilhermemtorresbase-lista at yahoo.com.br wrote:
> >>    
> >>
> >>>Hello,
> >>>
> >>>I have a server with Samba(3.0.13-1.1)/OpenLDAP
> >>>      
> >>>
> >>and
> >>    
> >>
> >>>sometimes my users get a D flag at
> sambaAcctFlags.
> >>>
> >>>There are some users that don´t have all the
> samba
> >>>attributes yet.
> >>>
> >>>I would like to know why it happens. Which
> >>>actions/attributes can tell to samba turn de D
> >>>      
> >>>
> >>flag
> >>    
> >>
> >>>on?
> >>>      
> >>>
> >>Please read the release notes for 3.0.2a.  User's
> >>without
> >>a valid sambaPwdLastSet time are disabled.
> >>
> >>
> >>
> >>******************* Attention! Achtung! Kree!
> >>*********************
> >>
> >>Beginning with Samba 3.0.2, passwords for accounts
> >>with a last
> >>change time (LCT-XXX in smbpasswd, sambaPwdLastSet
> >>attribute in
> >>ldapsam, etc...) of zero (0) will be regarded as
> >>uninitialized
> >>strings.  This will cause authentication to fail
> for
> >>such
> >>accounts.  If you have valid passwords that meet
> >>this criteria,
> >>you must update the last change time to a non-zero
> >>value.  If you
> >>do not, then  'pdbedit
> >>--force-initialized-passwords' will disable
> >>these accounts and reset the password hashes to a
> >>string of X's.
> >>
> >>******************* Attention! Achtung! Kree!
> >>*********************
> >>
> >>
> >>
> >>
> >>
> >>
> >>cheers, jerry
> >>
> >>    
> >>
>
>=====================================================================
> >  
> >
> >>Alleviating the pain of Windows(tm)      -------
> >>http://www.samba.org
> >>GnuPG Key                -----
> >>http://www.plainjoe.org/gpg_public.asc
> >>"There's an anonymous coward in all of us."       
>  
> >>     --anonymous
> >>-----BEGIN PGP SIGNATURE-----
> >>Version: GnuPG v1.4.0 (GNU/Linux)
> >>Comment: Using GnuPG with Thunderbird -
> >>http://enigmail.mozdev.org
> >>
> >>
> >>    
> >>
>
>iD8DBQFDegndIR7qMdg1EfYRAhGzAKDCtonsGXYXGLzHVKwYdPe8DvE+awCg3rXQ
> >  
> >
> >>GBfjy7n94sDvrxi0xD/oOzU=
> >>=mrm4
> >>-----END PGP SIGNATURE-----
> >>
> >>    
> >>
> >
> >
> >
> >	
> >
> >
> >
> >	
> >		
>
>_______________________________________________________
> 
> >Yahoo! Acesso Grátis: Internet rápida e grátis. 
> >Instale o discador agora!
> >http://br.acesso.yahoo.com/
> >
> >  
> >
> 
=== message truncated ===



	


	
		
_______________________________________________________ 
Yahoo! Acesso Grátis: Internet rápida e grátis. 
Instale o discador agora!
http://br.acesso.yahoo.com/

More information about the samba mailing list