[Samba] Account locking synchronization between Linux and Windows (my solution)
Kevin Taylor
groucho.64738 at hotmail.com
Wed Aug 31 10:47:07 MDT 2011
We are using a Samba domain controller with a Sun Directory Server 7 LDAP backend and we observed that when an account was locked out on Windows, it would not lock the account on Linux as well.
We are using Samba 3.0.33 on CentOS 5.3 and this is the change I made:
To configure samba to perform proper windows lockout in conjunction
with a linux lockout, we need to modify the samba source code to look
for the pwdaccountlockedtime rather than sambaKickoffTime
Download the source RPM for samba for the OS you're using. This example uses samba-3.0.33-3.7.el5.src.rpm from CentOS 5.3
rpm -ivh samba-3.0.33-3.7.el5.src.rpm
cd /usr/src/redhat/SOURCES
tar -xzf samba-3.0.33.tar.gz
cd samba-3.0.33/source/lib
edit smbldap.c: look for sambaKickoffTime and change to pwdaccountlockedtime (2 places)
cd /usr/src/redhat/SOURCES
rm samba-3.0.33.tar.gz
tar -czf samba-3.0.33.tar.gz samba-3.0.33
rm -rf samba-3.0.33
rpmbuild -bb /usr/src/redhat/SPECS/samba.spec (install any dependencies i.e. cups-devel or do a --nodeps to ignore)
cd /usr/src/redhat/RPMS/x86_64
rpm -Uvh --replacepkgs --force samba*.rpm
I'm not sure if this issue was addressed in later versions of Samba. I'm just posting this in case someone finds it helpful, or knows of a better/safer way to accomplish the same thing.
Thanks.
Kevin Taylor
More information about the samba
mailing list