[Samba] Cannot change expired password
Jason Baker
jbaker at glastender.com
Wed Jan 31 16:20:22 GMT 2007
I should have checked log files before I posted. Anyway, here is some
additional info.
I checked the log file for the machine I was trying to change the
password on and here is what it says:
[2007/01/31 10:28:06, 1] auth/auth_sam.c:sam_account_ok(178)
sam_account_ok: Account for user 'test' password expired!.
[2007/01/31 10:28:06, 1] auth/auth_sam.c:sam_account_ok(179)
sam_account_ok: Password expired at 'Tue, 30 Jan 2007 10:09:38
EST' (1170169778) unix time.
[2007/01/31 10:28:19, 1] smbd/chgpasswd.c:change_oem_password(1040)
user test cannot change password now, must wait until Wed, 07 Feb
2007 10:09:38 EST
So the section where is says Password expired at Tue, 30 Jan 2007 is
correct. A pdbedit -Lv username shows:
Logoff time: Mon, 18 Jan 2038 22:14:07 EST
Kickoff time: Thu, 31 Jan 2030 22:14:07 EST
Password last set: Wed, 31 Jan 2007 10:09:38 EST
Password can change: Mon, 01 Jan 2007 00:00:00 EST
Password must change: Tue, 30 Jan 2007 10:09:38 EST
But the log file claims that the password cannot change until Friday Feb
2, 2007, which is seven days from Password last set: Wed, 31 Jan 2007.
BUT...Password CAN CHANGE time says: Mon, 01 Jan 2007.
I do have Minimum Password Age set to 7 days, but shouldn't Password can
change show a date 7 days from Password last set? For some reason
pdbedit is not showing the correct information.
If I run pdbedit --pwd-can-change-time="<today's date">
--time-format="%Y-%m-%d", it will change the date to today, but will
still be counting 7 days from Password last set. Is there a ways to
alter Password last set?
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>
On 1/31/2007 10:47 AM, Jason Baker wrote:
> I have a samba PDC set up and configured. I have been doing tests and
> everything was working fine. I was able to set "User must change
> password" to today's date and it would prompt the user that their
> password has expired when logging into windows xp. I could then enter
> a new password and be on my way. Now when I set the password to "User
> must change password", when I enter the new password twice I get:
>
> The password on this account cannot be changed at this time.
>
> I'm not sure why it was working and now suddenly it isn't. Any thoughts?
More information about the samba
mailing list