[Samba] passdb.tdb not updated when changing passwords

simo idra at samba.org
Thu Aug 17 13:32:21 GMT 2006

On Thu, 2006-08-17 at 15:24 +0200, Gianluca Cecchi wrote:
> I'm using samba on CentOS 3.7 (3.0.9 + rh patches)
> I had smbpasswd as backend and I'm testing migration to tdbsam.
> After exporting successfully to tdbsam and setting
> passdb backend = tdbsam
> in smb.conf
> if I change from inside a windows xp machine the password ot the user and then
> pdbedit-Lv user
> I get
> Logon time:           0
> Logoff time:          ven, 13 dic 1901 21:45:51 GMT
> Kickoff time:         ven, 13 dic 1901 21:45:51 GMT
> Password last set:    gio, 17 ago 2006 14:59:18 GMT
> Password can change:  ven, 18 ago 2006 14:59:18 GMT
> Password must change: lun, 16 ott 2006 14:59:18 GMT
> Last bad password   : 0
> Bad password count  : 0
> Questions:
> 1) it seems passdb.tdb is read but not written based on its timestamp
> Shouldn't it be modified with the new encrypted password? the same
> happens if for example I change full name of a user...
> Where are otherwise written these informations

some kernels have a bug that will prevent them from correctly updating
the mtime when mmpped files are changed and tdb usually is mmapped.

> 2) in the example above, the user cannot change today his password.
> What can I do to reset this for the user?

change the pass can change value, and set it to a time before the

> 3) It seems that no --pwd-must-change-time option is working in my environment.
> Was this a late introducted feature?

3.0.9 is quite old, I would update anyway, later versions have more

> 4) Does it exist for latest releases also the opportunity to change
> the "Password can change" date? something like --pwd-can-change-time
> option?

IIRC yes.

> Thanks in advance for your help
> Gianluca


> PS: please tell me if any question regarding customized version of
> samba, such as RH, is automatically ignored by the gurus... this would
> be in some way acceptable but knowing it would at least save time for
> me.

It's not, but 3.0.9 is way too old, we recommend running the latest
samba versions for all the bugfixes and windows compatibility fixes we
introduce at each release.


Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org

More information about the samba mailing list