Bill Greene
2006-Oct-29 18:07 UTC
[Samba] pam_winbind fails with "never expires" password in v. 3.0.23c
Environment: Domain with NT4 PDC/BDCs; shares on Fedora Core 5 boxes with Samba 3.0.23c from Fedora. Access to shares through Windows clients and smbclient works perfectly. Users who try to login via ssh/telnet who have the "password never expires" flag set but also have "old" passwords (i.e., beyond the expiry days) get a "your password has expired" message and the login fails. If the password is reset, they can login with no problem. It appears as though everything works, but pam_winbind does not honor the "never expires" flag. This was previously listed as a bug. The release notes for 23c reference a fix, though it may only for AD based networks. Is this still an open problem for non AD domains, or have I missed something obvious (not that that ever happens to me...)? Thanks! -- bill Bill Greene Rubicon Group Ltd. Oak Brook Illinois USA