[Samba] pdbedit problems
Jason Baker
jbaker at glastender.com
Thu Jan 11 19:31:29 GMT 2007
Greetings,
I am running samba-3.0.10-1.4E.9 installed from rpm on CentOS 4.4. I
have it configured as a PDC. It is using the /passdb backend = tdbsam/
backend. I am using /pdbedit/ to make some configuration changes to user
passwords. I would like to expire a users password, so that they are
required to change it the next time they log in. From all that I have
read in on-line resources (including the Samba How To), it says to run
the following command (this should effect the individual user).
/pdbedit --pwd-must-change-time="2007-01-01"
--time-format="%y-%m-%d" test
/
It however only returns: /
/
/test:501:Victor Aluicious Laan.
/
If I enter /pdbedit -Lv/ test, I see the following:
/[root at ASTER ~]# pdbedit -Lv test/
/Unix username: test/
/NT username:/
/Account Flags: [U ]/
/User SID: S-1-5-21-3030426004-1519544323-488087672-2002/
/Primary Group SID: S-1-5-21-3030426004-1519544323-488087672-2003/
/Full Name: Victor Aluicious Laan/
/Home Directory: \\aster\test/
/HomeDir Drive: U:/
/Logon Script: test.bat/
/Profile Path: \\aster\profiles\test/
/Domain: GLASTENDERNET/
/Account desc:/
/Workstations:/
/Munged dial:/
/Logon time: 0/
/Logoff time: Mon, 18 Jan 2038 22:14:07 GMT/
/Kickoff time: Mon, 18 Jan 2038 22:14:07 GMT/
/Password last set: Thu, 11 Jan 2007 12:54:40 GMT/
/Password can change: Thu, 11 Jan 2007 12:54:40 GMT/
/Password must change: Mon, 18 Jan 2038 22:14:07 GMT/
/Last bad password : Thu, 11 Jan 2007 12:49:51 GMT/
/Bad password count : 2/
/Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF/
I can run: /pdbedit -r --fullname="Change to Test" test /and it will
indeed change the Full Name, so I know it is working in some form.
/[root at ASTER ~]# pdbedit -Lv test/
/Unix username: test/
/NT username:/
/Account Flags: [U ]/
/User SID: S-1-5-21-3030426004-1519544323-488087672-2002/
/Primary Group SID: S-1-5-21-3030426004-1519544323-488087672-2003/
/Full Name: Change to Test/
/Home Directory: \\aster\test
<cut>
/
I have searched the Samba mailing list archives and have found a few
other's who have asked this same question, but haven't found any
resolutions. Is there an easier way to instantly make a samba password
expired so that a user has to change their password on the next login? I
know many of you will answer that I should change to LDAP, that may be
so, but the documentation claims this should work in /tdbsam/ but yet it
seems to not work. Any advice would be helpful.
--
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>
More information about the samba
mailing list