[Samba] [Urgent] Cannot make changes via pdbedit
Jason Baker
jbaker at glastender.com
Wed Jul 18 16:32:04 GMT 2007
In case anyone was following this thread, I finally did find the solution.
Apparently you can no long expire a user's password by issuing the command:
pdbedit --pwd-must-change-time...
If you want to require a user to change their password at next login,
you need to issue the command:
net sam set pwdmustchangenow <username> yes
This will ask the user to change their password the next time they
attempt to login. The --pwd-must-change-time is actually reserved for
the time when a password is set to expire by using policies (such as
every 30 days, etc.).
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
r+++ y+++
------END GEEK CODE BLOCK------
Jason Baker wrote:
> I have been having some problems since I updated from Samba 3.0.23 to
> 3.0.25b. I have installed the latest version of smbldap-tools but I am
> still not able to make certain changes to a user's account. I have
> created a new user named JROLFE.
> After I set up a new user, I will set it so they are required to
> change their password when they first login. I usually do this through
> LDAP Account Manager.
> I set User can change password to a date in the past and User must
> change password to a date in the past. But for some reason it didn't
> work. If I run pdbedit -Lv -u jrolfe, I get:
>
> Password last set: Mon, 01 Jan 2007 03:00:00 EST
> Password can change: Mon, 08 Jan 2007 03:00:00 EST
> Password must change: never
>
> If I run ../smbldap-usershow jrolfe, I get:
>
> sambaPwdCanChange: 1183795200
> sambaPwdLastSet: 1167638400
> sambaPwdMustChange: 1167638400
>
> The unix times converted to english are: Sat, 07 Jul 2007 08:00:00 GMT
> and Mon, 01 Jan 2007 08:00:00 GMT. So you can see that the dates do
> not match between pdbedit and smbldap-tools.
> This is really causing a problem because I am trying to set up a new
> user and cannot get his password to expire.
More information about the samba
mailing list