[Samba] maximum password age question
Mark Saad
nonesuch at longcount.org
Tue Dec 27 09:56:35 MST 2011
On Tue, Dec 27, 2011 at 11:54 AM, TAKAHASHI Motonobu <monyo at monyo.com> wrote:
> From: Mark Saad <nonesuch at longcount.org>
> Date: Tue, 27 Dec 2011 11:03:53 -0500
>
>> I am working on upgrading a older Samba 3.0.16 setup that uses
>> openldap as its back-end for passwords and users.
>> I built a clone of our setup using CentOS 5.6 and Openldap 2.4.20 ,
>> with Samba 3.6.1 .
>>
>> My issue.
>>
>> After successfully building and install Samba users can not
>> authenticate to the server. They are prompted with errors about
>> Needing to change their password.
> (snip)
>
>> So I tried to set the max password age to -1
>>
>> # pdbedit -P "maximum password age" -C -1
>> valid account policy, but unable to fetch value!
>> account policy "maximum password age" description: Maximum password
>> age, in seconds (default: -1 => never expire passwords)
>> account policy "maximum password age" value was: 4294967295
>> valid account policy, but unable to set value!
>>
>> Does anyone know what the root issue is ?
>
> After Samba 3.0.21, those policies are stored in LDAP, but before
> 3.0.21, they were always stored in local tdb file.
>
> I guess that you have to manually create those account policies on
> your LDAP directory.
Do you know if there was anything created to migrate the tdb files to ldap ?
>
> ---
> TAKAHASHI Motonobu <monyo at samba.gr.jp>
--
mark saad | nonesuch at longcount.org
More information about the samba
mailing list