[Samba] Samba LDAP entries for Password Change
albrecht.dress at lios-tech.com
Tue Sep 16 14:27:53 GMT 2008
I have a question regarding the enforced change of passwords in Samba
3.0.28 (coming with Ubuntu Hardy) in connection with a LDAP backend.
In particular, I am looking for a documentation how the fields
sambaMinPwdAge, sambaMaxPwdAge (from sambaDomain), sambaPwdCanChange
and sambaPwdMustChange (from sambaSAMAccount) interact.
I would like to have the following:
- when a new account is created, the user immediately must change the
password when [s]he first logs in;
- after that, the password shall expire after x days.
Unfortunately, I tried a number of combinations without success.
Everything seems to be controlled by the sambaMaxPwdAge setting
(seconds relative to sambaPwdLastSet when the password must be
changed?), and the other entries seem to be irrelevant?
Any documentation/pointer would be welcome!
More information about the samba