[Samba] Winbind - Login succeeds while password is expired (set with --must-change-at-next-login)
Rowland penny
rpenny at samba.org
Thu Apr 22 20:31:21 UTC 2021
On 22/04/2021 21:11, Kees van Vloten via samba wrote:
> Hi,
>
> I have freshly setup 2 lxc containers with Samba 4.13 on Debian Buster
> (installed from apt.van-belle.nl/debian).
> The first runs samba-ad-dc, the second has samba + winbind and has
> joined the AD domain.
>
> A domain user is created with samba-tool with the option
> --must-change-at-next-login. A login with the user succeeds the first
> time some interesting output:
>
> kvv at bach:~$ ssh grieg
> kvv at grieg's password:
> Password expired. You must change it now.
> Password change rejected: Try a more complex password, or contact your
> administrator.. Please try again.
>
> Password change rejected: Try a more complex password, or contact your
> administrator.. Please try again.
>
> Your password has expired
> Linux grieg 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
I think you have run into this bug:
https://bugzilla.samba.org/show_bug.cgi?id=14622
Rowland
More information about the samba
mailing list