[Samba] Set "User cannot change password" from command/script

Jacobo221 jacobo221 at gmail.com
Thu Aug 22 15:17:32 MDT 2013


We implemented a Samba4 server which syncs hourly with a database
containing (among lots of other data) a list of users with their passwords,
etc. So far everything works fine except that users shouldn't be allowed to
change their samba4 password from within Windows, but only through the
other database (which has its own GUI).

I've been unable to find a linux command which allows me to set the "*User
cannot change password*" property when creating or updating a user with the
sync script.

samba-tool doesn't provide such feature, ldapmodify because flag 64
is protected in attribute UserAccountControl.

Can anybody help me on this? Is there any way to enable/disable this user
property with a command from within linux (locally on the samba4 DC server)?

More information about the samba mailing list