[Samba] Your password expires today problem
Martin Schmidt
martin.schmidt at uni-wuerzburg.de
Wed Feb 24 10:38:30 MST 2010
Hi,
I have a very similiar problem, but the story is an other:
I migrated from sles 10 sp2 samba 3.0.24 to ubuntu 9.10 server samba
3.4.3 (pdc). The user-accounts were moved following this instruction:
http://www.cyberciti.biz/faq/howto-move-migrate-user-accounts-old-to-new-server/.
When some user now try to login to the domain from a xp-client following
message appears at every login: "Your Windows password has expired and
must be changed. You must change your password now!" The user can change
the password and everything works fine. But at next login the same
story. This happens only to some of the old users and to all users
created after migration. Any idea what could be the reason for this? I
already searched a lot but didn't find something like this.
Thanks for any info.
Regards,
Martin
Dipl.- Geogr. Martin Schmidt
Würzburg University
Department of Geography
Remote Sensing Unit
&
German Remote Sensing Data Center (DFD) at
German Aerospace Center (DLR) Oberpfaffenhofen
--------------------------------------------------------
Am Hubland
97074 Würzburg
phone: +49 (931) 31-88179
fax: +49 (931) 888-5544
eMail: martin.schmidt at uni-wuerzburg.de
Here my smb.conf:
[global]
#log file = /var/log/samba.%m
smb ports = 139 445
#root = administrator
#DOMAIN ADMINS = root, administrator
#----Allgemeine
Einstellungen--------------------------------------------------
#Workgroup
netbios name = XXX
#netbios aliases = XXX
server string = XXX
workgroup = XXX
guest account = XXX
#-----Sicherheit--------------------------------------------------------------
#Nur Subnetz FE zulassen
hosts deny = XXX
hosts allow = XXX
#Nur die Ethernet Karte 0 und Loopback zulassen
interfaces = eth0 lo
bind interfaces only = yes
#Unbekannt Nutzer rejecten
#map to guest = Never
#Zugriff auf benutzerdefinierte Freigaben nicht erlauben
#usershare allow guests = No
#Kommunikation der Clients mit Samba auf User Ebene
#Passwort - Backend
#passdb backend = tdbsam:/etc/samba/passdb.tdb
passdb backend= smbpasswd
security = user
encrypt passwords = true
smb passwd file = /etc/samba/smbpasswd
passwd program = /usr/bin/smbpasswd %u
unix password sync = false
obey pam restrictions = yes
#Fuer bestimmte Nutzer gibts extra smb.conf Dateien
config file = /etc/samba/smb.conf.%U
#---- Roaming Profiles
-----------------------------------------------------
#Antworten auf WIN98/95 Anfragen
domain logons = Yes
logon path = \\%L\profiles\%U
logon drive = Q:
#logon script = logon.cmd
#---- Browsing und Domain Master (PDC)
-------------------------------------
#wins support = Yes
#wins server = XXX
#wins proxy = yes
#PDC im Subnetz
domain master = Yes
local master = Yes
preferred master = Yes
os level = 65
#client-side caching policy
#csc policy = disable
#----Benutzerverwaltung-----------------------------------------------------
#Hinzufuegen einer Maschine ueber die Methode Benutzername/Passwort
#add machine script = /usr/sbin/useradd -c Machine -d
/var/lib/nobody -s /bin/false %m$
#---Drucker----------------------------------------------------------------
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
#----Tuning-----------------------------------------------------------------
socket options = TCP_NODELAY IPTOS_LOWDELAY
#Zeit zur Unterbrechung der Verbindung Server-Client bei Verlust des
Clients
deadtime = 10
#getwd cache = yes
#kernel oplocks = no
ldap suffix =
log level = 1
#Sonstiger Mist
#include = /etc/samba/dhcp.conf
dos charset = CP850
display charset = ISO8859-1
unix charset = ISO8859-1
#oplock break wait time = 20
#oplocks = no
#kernel oplocks = no
#---- Zeit-Server
----------------------------------------------------------
time server = true
###################################
# Anmeldung Freigaben #############
###################################
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
create mask = 0664
directory mask = 0775
[profiles]
comment = Network Profiles Service
path = /home/samba/windowsprofiles
hide files = /desktop.ini/
read only = No
browseable = No
guest ok = Yes
writable = Yes
printable = No
store dos attributes = Yes
create mask = 0700
directory mask = 0700
[netlogon]
comment = Network Logon Service2
path = /home/samba/netlogon/%g
guest ok = Yes
browseable = No
read only = No
writable = Yes
###################################
# Freigaben #######################
###################################
...
Marcelo Terres schrieb:
> Hi.
>
> I enabled policies with pdbedit. Password must be changed every 90 days and
> must contain at least 8 characters. I enabled password history too.
>
> After that (I tried it in samba 3.4.3 and 3.0.25 with same behaviour) every
> time a user try to log in the domain using Windows receives a "Your password
> expires today. Do you want to change it now ?" message box. If the password
> is changed, the message appear again next time the user try to login. If the
> user answers no the same thing happens in the next login.
>
> I tested it with a lot of users and changed the passwords several times and
> the problem continues.
>
> Anybody have some idea about this problem ?
>
> Thanks in advance.
>
> Regards,
>
> Marcelo H. Terres
> mhterres at gmail.com
> ****************************************
> ICQ: 6649932
> MSN: mhterres at hotmail.com
> Jabber: mhterres at jabber.org
> http://twitter.com/mhterres
> http://identi.ca/mhterres
> ****************************************
> http://mundoopensource.blogspot.com/
> http://www.propus.com.br
> Sent from Porto Alegre, RS, Brazil
>
More information about the samba
mailing list