[Samba] Re: samba doesnt change shadowLastChange

Brian May bam at snoopy.apana.org.au
Wed Sep 12 00:01:22 GMT 2007

>>>>> "Andrew" == Andrew Bartlett <abartlet at samba.org> writes:

    >> I have a samba 3 working as a PDC with Ldap as a authentication backend.
    >> I have a such problem, when user in windows try to change password to 
    >> samba by ctr+alt+delete, password is changing (password is also sync and 
    >> it works fine ), but the ldap attribute shadowLastChange doesnt change.
    >> What is wrong?

    Andrew> Is it meant to?

    Andrew> Samba updates it's attributes - if you changed the LDAP password too,
    Andrew> then perhaps you should look into a server side module that might also
    Andrew> update that value?

I haven't investigated in detail yet, but I have noticed the same thing.

>From memory (I don't have a box to test this in conveniently available
right now), the password is updated (so I don't think it is a
permission issue), but the user can't log in because the password is
still marked as expired, and Windows asks the user to change there
password again.

I have changed various things since then, really need to try it again.
Brian May <bam at snoopy.apana.org.au>

More information about the samba mailing list