[Samba] Password Expired not Prompting for a new one.

Gerald Drouillard gerrylist at drouillard.ca
Thu Mar 16 02:44:53 GMT 2006


Anybody having trouble with the user being prompted for a new password 
when the account has expired using shadow files?  I am.

/etc/pam.d/samba:

#%PAM-1.0
auth    requisite       pam_nologin.so
auth    requisite       pam_unix.so
auth    optional        pam_smbpass.so migrate
account required        pam_unix.so
password        requisite       pam_cracklib.so retry=3 minlen=4
password        requisite       pam_unix.so shadow md5 use_authtok 
try_first_pass
password        optional        pam_smbpass.so nullok use_authtok 
try_first_pass
session required        pam_unix.so

A little taste of the log:

smb_pam_error_handler: PAM: Account Check Failed : User account has expired
[2006/03/15 21:27:10, 0] auth/pampass.c:smb_pam_accountcheck(781)
   smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting User 
gerrylist!
[2006/03/15 21:27:10, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
   pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2006/03/15 21:27:10, 3] auth/auth.c:check_ntlm_password(297)
   check_ntlm_password:  PAM Account for user [gerrylist] FAILED with 
error NT_STATUS_ACCOUNT_EXPIRED
[2006/03/15 21:27:10, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(526)
   free_pipe_context: destroying talloc pool of size 664
[2006/03/15 21:27:10, 3] smbd/pipes.c:reply_pipe_write_and_X(207)
   writeX-IPC pnum=7272 nwritten=352
[2006/03/15 21:27:10, 3] smbd/process.c:process_smb(1194)
   Transaction 2783 of length 63
[2006/03/15 21:27:10, 3] smbd/process.c:switch_message(993)
   switch message SMBreadX (pid 13767) conn 0x8044e680
[2006/03/15 21:27:10, 3] smbd/pipes.c:reply_pipe_read_and_X(252)
   readX-IPC pnum=7272 min=1024 max=1024 nread=96
[2006/03/15 21:27:12, 3] smbd/process.c:process_smb(1194)
   Transaction 2784 of length 43
[2006/03/15 21:27:12, 3] smbd/process.c:switch_message(993)
   switch message SMBulogoffX (pid 13767) conn 0x0
[2006/03/15 21:27:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/03/15 21:27:12, 3] smbd/reply.c:reply_ulogoffX(1606)
   ulogoffX vuid=427
[2006/03/15 21:27:12, 3] smbd/process.c:process_smb(1194)
   Transaction 2785 of length 39
[2006/03/15 21:27:12, 3] smbd/process.c:switch_message(993)

Install packages:

[root at glacier samba]# rpm -qa |grep samba
samba-server-3.0.21c-2mdk
samba-common-3.0.21c-2mdk
[root at glacier samba]# rpm -qa |grep pam
pam-0.99.3.0-6mdk
libpam0-0.99.3.0-6mdk
libpam0-devel-0.99.3.0-6mdk


-- 
Regards
--------------------------------------
Gerald Drouillard
Technology Architect
Drouillard & Associates, Inc.
http://www.Drouillard.ca


More information about the samba mailing list