[Samba] remote password change, if password is expired
Denis Cardon
dcardon at tranquil.it
Tue Mar 27 10:57:14 UTC 2018
Hi Peer-Joachim,
> we have a couple of users which "forget" to change the passwords even if
> they get an reminder.
> Normally we tell them to use a windows machine, where you can change
> your password if it's expired.
>
> But how can a remote user change his password if it's expired ?
>
> Is there any secure solution for this ?
"Normally we tell them to use a windows machine" -> so I'll assume you
are on a Linux machine. I think you'll have to do your expired password
update through an LDAP query. You can get some inspiration from this
page [1] or from the bugzilla entry [2] of the recent security issue. In
any case you'll need to have SSL, and I guess a valid (from your desktop
point of view) certificate on your DC, to use this type of LDAP query.
Cheers,
Denis
[1] https://www.cs.bham.ac.uk/~smp/resources/ad-passwds/
[2] https://bugzilla.samba.org/show_bug.cgi?id=13272#c1
--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint SĂ©bastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil.it
Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr
More information about the samba
mailing list