[Samba] Howto force all users of a samba domain controller to change their password ?

BOURIAUD david.bouriaud at ac-rouen.fr
Wed Mar 11 12:32:24 GMT 2009

On Tuesday 17 February 2009 11:33:19 BOURIAUD wrote:
> Hi !
> I'still running a samba domain controller on a rhel 5 machine, so it is
> version samba-3.0.33-3.7.el5. Users and accounts are still stored in a ldap
> database and everything works fine.
> Now that my setup is complete, I'd like to
> - force every user of the domain to change their password the next time
> they open a session on their workstation
> - be sure that the password is complex enough
> - have it that they don't put the same password as the old one.
> I've read many a thing about those topics, and tryed many things, but so
> far I haven't found anything very usefull.
> Somewhere I've read that there were modifications to be done using pdbedit
> so as to set the next time the password must be changed. I've tryed on my
> account, it doesn't work as I expected it to do : the password is valid for
> the time passed as an argument, and that's not what I want.
> Next, I've read about a cracklib-checker that can be called via the
> smb.conf file, but I don't have this cracklib-checker installed on my
> system, and I don't really know where to find it.
> Thanks in advance for any help provided.
> P.S. I've searched the docs on samba.org, but I haven't found anything
> relevant, and searching the web with "samba force user change password"
> gives many results that don't cover what I'm searching for.

Since I got no answer, does it means that there is no possibility to force all 
users to change their password the next time they will connect to the domain ?

More information about the samba mailing list