[Samba] Can samba ensure that a user did not enter the previous
password when password expired?
Matt Ingram
mingram at cbnco.com
Tue Mar 28 16:59:06 GMT 2006
you need to setup some password policies.. I was just playing with this
a couple days ago.. seems to work very nicely :)
It stores all the information in the LDAP Entry for the Domain
(sambaDomainName=yourdomain)
anyway.. here's the link I learnt from:
http://searchopensource.techtarget.com/tip/1,289483,sid39_gci1152805,00.html?bucket=ETA
specifically, you need to set the "password history" setting.
I don't think you can just modify the entries in ldap.. I think you have
to use pdbedit, as stated on the document..
good luck :)
Jan Stavel wrote:
> Hello,
> I have working PDC with ldap
>
> samba 3.0.21c-1
>
> I try to force users change their password by setting password
> expiration. It works - the samba asks a user to change his password.
>
> But user can set value of the password to the previos one and system
> accepts it - at the end no change was made :-)
>
> Can samba check whether user really changed value of his password?
>
> I tried to change password format from SSHA to SHA (it can be checked)
> but no
> result.
>
> Thanks for advice,
> Jan Stavel
>
--
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/
More information about the samba
mailing list