[Samba] Re: Password expiry for samba & posix accounts in LDAP
news_jamrock at yahoo.com
Sat Aug 19 00:01:33 GMT 2006
"Plant, Dean" <dean.plant at roke.co.uk> wrote in message
news:2181C5F19DD0254692452BFF3EAF1D6802671911 at rsys005a.comm.ad.roke.co.uk...
Can someone install some confidence in me that the way I am dealing with
syncing password expiry dates between Samba and Posix accounts in LDAP
The question has come up on the list a couple of times but the answer,
using "unix password sync = Yes" and changing the ShadowLastChange LDAP
attribute via an external script seems rather clunky. Is this really the
correct way to do it, when only allowing changing of passwords via
Windoze? or am I missing something obvious that enables this to be done
within the Samba/OpenLDAP configuration.
We have used a single Openldap directory to authenticate Samba, qmail and
We add the line
ldap passwd sync = yes
to our smb.conf file.
When the users change their Windows passwords from a Windows workstation,
the Samba and ldap passwords are both changed.
More information about the samba