[Samba] A very strange SWAT: unix and samba password
Fajar Priyanto
fajarpri at arinet.org
Mon Mar 26 01:47:44 MDT 2012
Hi all,
My setup is:
Ubuntu 10.04.3 LTS
Samba/Swat 3.4.7~dfsg-1ubuntu3.8
I apply min password age both on Unix and Samba.
I test SWAT and it seems to be working fine, except after few days I
notice that changing password from SWAT doesn't modify the "Last
password change" on unix password.
As the result now the info on my account is:
- Unix last password change: Mar 25, 2012
- Samba last password change: Mar 26, 2012.
I try to change password from SWAT again today (Mar 26), and surely SWAT says:
machine 127.0.0.1 rejected the password change: Error was : Account restriction.
The passwd has NOT been changed.
In /var/log/log.smbd:
[2012/03/26 15:33:30, 1] smbd/chgpasswd.c:1124(change_oem_password)
user fajar cannot change password now, must wait until Tue, 27 Mar
2012 15:33:30 SGT
This is the funny thing begins:
- Unix account is changed by SWAT. But the Last password change is still Mar 25.
- Samba account not changed. But after 1 minute (I think), samba
password is changed too. Match the unix password!!!
smb.conf:
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
Why so strange?
- Why SWAT manages to change the unix password but not update the Last
password change date?
- Why after 1 minute, the samba password got synched with unix password?
Any more info you need from me, pls me know.
Thank you.
--
Fajar.
More information about the samba
mailing list