[Samba] pam_winbind + password never expires [re-post]

Ron Garcia-Vidal ghstwrtr at evilgenius.net
Mon Jan 8 13:11:03 GMT 2007


Sorry for the repost, but I've not gotten any response and the problem
persists.  Does anyone have any idea how to fix?

===================================

I read a few posts in the archives about this problem and that it was to
be fixed in 3.0.23c.  Currently I'm running 3.0.23d-2+b1 on a debian
system and am getting the following:

$ ssh -l testuser fileserver
Password:
Your password has expired

Here's what auth.log shows:

Jan  4 11:46:26 tmcsamba1 pam_winbind[14309]: user 'DOMAIN1+testuser' OK
Jan  4 11:46:26 tmcsamba1 pam_winbind[14309]: user 'DOMAIN1+testuser'
granted access
Jan  4 11:46:26 tmcsamba1 smbd[14309]: (pam_unix) session opened for
user DOMAIN1+testuser by (uid=0)
Jan  4 11:46:26 tmcsamba1 pam_winbind[14310]: user 'DOMAIN1+testuser' OK
Jan  4 11:46:26 tmcsamba1 pam_winbind[14310]: user 'DOMAIN1+testuser'
granted access
Jan  4 11:46:26 tmcsamba1 smbd[14310]: (pam_unix) session opened for
user DOMAIN1+testuser by (uid=0)
Jan  4 11:46:26 tmcsamba1 smbd[14309]: (pam_unix) session closed for
user DOMAIN1+testuser
Jan  4 11:46:26 tmcsamba1 smbd[14310]: (pam_unix) session closed for
user DOMAIN1+testuser
Jan  4 11:48:41 tmcsamba1 pam_winbind[14324]: user 'testuser' granted access
Jan  4 11:48:41 tmcsamba1 pam_winbind[14324]: user 'testuser' OK
Jan  4 11:48:41 tmcsamba1 pam_winbind[14324]: pam_sm_acct_mgmt success
but PAM_WINBIND_NEW_AUTHTOK_REQD is set
Jan  4 11:48:41 tmcsamba1 pam_winbind[14324]: user 'testuser' needs new
password
Jan  4 11:48:41 tmcsamba1 sshd[14324]: (pam_unix) user "testuser" does
not exist in /etc/passwd or NIS

If there anything else I need to upgrade or restart in order to shake
this problem?  I know I can set the global policy to password never
expires, but I don't want to do tha tsince there are only a few users
that I want to allow to not change their passwords.



More information about the samba mailing list