[Samba] 'samba-tool user setpassword', PwdLastSet and expiration...

Marco Gaiarin gaio at sv.lnf.it
Tue Aug 27 16:19:19 UTC 2019


I resend this:

> I've a script 'infrastructure' that manage password propagation between
> some domains/password sources.
> 
> When, in my AD domains, i ''consume'' a passord caming from another
> domain, i run:
> 
> 	samba-tool user setpassword ${USER} --option="check password script"="" --newpassword="$mypassword"
> 
> and the script exit with status 0 and print 'Changed password OK', but
> sometimes does not update PdwLastSet, and so users (if password are
> expired) cannot login, eg, with ssh (pam/winbind).
> 
> If i logon on windows, PdwLastSet get updated.
> 
> 
> There's something i can do to 'force' PdwLastSet update? Thanks.

a bit because holiday passwed, a bit because i've spotted another time
this 'bug'.

A user (that access my server remotely, only via SSH) changed their
password in this way (eg, via 'samba-tool user setpassword'), but
account expired (get disabled) because 'PdwLastSet' get no update.


Thanks.

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)



More information about the samba mailing list