[Samba] Password policy for user-managed passwords

mj lists at merit.unu.edu
Mon Nov 1 14:10:22 UTC 2021


Perhaps your issue is described here:

> There are two possible ways to modify the unicodePwd attribute. The
> first is similar to a normal user change password operation. In this
> case, the modify request must contain both a delete and an add
> operation. The delete operation must contain the current password
> with quotes around it. The add operation must contain the desired new
> password with quotes around it.
> 
> The second way to modify this attribute is analogous to an
> administrator resetting a password for a user. In order to do this,
> the client must bind as a user with sufficient permissions to modify
> another user's password. This modify request should contain a single
> replace operation with the new desired password surrounded by quotes.
> If the client has sufficient permissions, this password becomes the
> new password, regardless of what the old password was.

Read more here:
https://docs.microsoft.com/en-us/troubleshoot/windows/win32/change-windows-active-directory-user-password

MJ



More information about the samba mailing list