[Samba] Changing password on unix client joined to AD
k.maksimov
k.maksimov at butb.by
Tue Jul 27 07:38:42 MDT 2010
Lorenzo Milesi wrote:
> Hi.
>
> I've set up a Samba PDC on Debian, working fine with XP Clients.
>
> I'm now trying to have a linux client join the domain. I managed to do that, but I cannot handle password expiration. When the domain pass is expired, in GDM I see a message "Your password is expired" but the user can log in anyway.
>
> I used the following guide to configure my Linux client, which is an Ubuntu 10.04:
> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
>
> Configured PAM using pam-auth-update.
> common-auth is:
> auth [success=2 default=ignore] pam_unix.so nullok_secure
> auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login use_first_pass
>
> common-password
> password [success=2 default=ignore] pam_unix.so obscure sha512
> password [success=1 default=ignore] pam_winbind.so use_authtok use_first_pass
>
> nsswitch.conf
> passwd: files winbind
> group: files winbind
> shadow: files winbind
> hosts: files dns
>
>
> What should I change?
> thanks
>
GDM not support this feature:
https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/114620
if you want, you can hack gdm)
More information about the samba
mailing list