[Samba] maximum password age question
TAKAHASHI Motonobu
monyo at monyo.com
Tue Dec 27 09:54:10 MST 2011
From: Mark Saad <nonesuch at longcount.org>
Date: Tue, 27 Dec 2011 11:03:53 -0500
> I am working on upgrading a older Samba 3.0.16 setup that uses
> openldap as its back-end for passwords and users.
> I built a clone of our setup using CentOS 5.6 and Openldap 2.4.20 ,
> with Samba 3.6.1 .
>
> My issue.
>
> After successfully building and install Samba users can not
> authenticate to the server. They are prompted with errors about
> Needing to change their password.
(snip)
> So I tried to set the max password age to -1
>
> # pdbedit -P "maximum password age" -C -1
> valid account policy, but unable to fetch value!
> account policy "maximum password age" description: Maximum password
> age, in seconds (default: -1 => never expire passwords)
> account policy "maximum password age" value was: 4294967295
> valid account policy, but unable to set value!
>
> Does anyone know what the root issue is ?
After Samba 3.0.21, those policies are stored in LDAP, but before
3.0.21, they were always stored in local tdb file.
I guess that you have to manually create those account policies on
your LDAP directory.
---
TAKAHASHI Motonobu <monyo at samba.gr.jp>
More information about the samba
mailing list