[Samba] pam_winbind fails with "never expires" password in v. 3.0.23c

Bill Greene bill at rubgrp.com
Sun Oct 29 17:03:59 GMT 2006

Environment:  Domain with NT4 PDC/BDCs; shares on Fedora Core 5 boxes 
with Samba 3.0.23c from Fedora.

Access to shares through Windows clients and smbclient works perfectly.

Users who try to login via ssh/telnet who have the "password never 
expires" flag set but also have "old" passwords (i.e., beyond the expiry 
days) get a "your password has expired" message and the login fails.  If 
the password is reset, they can login with no problem.  It appears as 
though everything works, but pam_winbind does not honor the "never 
expires" flag.

This was previously listed as a bug.  The release notes for 23c 
reference a fix, though it may only for AD based networks.

Is this still an open problem for non AD domains, or have I missed 
something obvious (not that that ever happens to me...)?


-- bill

Bill Greene
Rubicon Group Ltd.
Oak Brook Illinois USA

More information about the samba mailing list