Viktor Posta
2002-Apr-18 09:32 UTC
[Samba] Samba+LDAP - must change password flag doesn't reseted
Hi all ! I have a working Samba PDC with an LDAP backend ! The problem, is taht, when I set the on the user account the Must Change Password flag to 1, the it works, and at the next logon the user gets an answer, that you password will expire today ! Okay, change the password, everithing is OK, password changed... At the next logon the password change window come up again... and again.... - The password last set value, has been changed after a password change - The password really changed, so next time I can logon with the new one - The password must change value didn't change it is the same as before the pw change The following error has been logged to the log file of the WS after the password change [2002/04/18 18:02:55, 0] passdb/passdb.c:pdb_free_sam(210) pdb_free_sam: SAM_ACCOUNT was NULL FYI: I don't use the unix password change option in the samba conf, because I'm using the LDAP to store the users, and anyway only I'm the only one user who needs to logon from the Unix side to the server, so I don't need to synchronize these ! I guess somewhere I'm wrong , but maybe not, please help me folks ! Thanks in advance ! Env: RH7.2 - samba2.2.3.a - OPenLDAP 2.0.23-4 Best Regards ! Viktor Posta
Gonzalo Servat
2002-Apr-20 19:57 UTC
[Samba] Samba+LDAP - must change password flag doesn't reseted
Hi Viktor Have you tried setting the following: pwdCanChange: 0 pwdMustChange: 2147483647 ... for the user? HTH, Gonzalo. On Fri, 2002-04-19 at 02:28, Viktor Posta wrote:> Hi all ! > > I have a working Samba PDC with an LDAP backend ! > > The problem, is taht, when I set the on the user account the Must Change > Password flag to 1, the it works, > and at the next logon the user gets an answer, that you password will > expire today ! > > Okay, change the password, everithing is OK, password changed... > > At the next logon the password change window come up again... and > again.... > > - The password last set value, has been changed after a password change > - The password really changed, so next time I can logon with the new one > - The password must change value didn't change it is the same as before > the pw change > > The following error has been logged to the log file of the WS after the > password change > > [2002/04/18 18:02:55, 0] passdb/passdb.c:pdb_free_sam(210) > pdb_free_sam: SAM_ACCOUNT was NULL > > FYI: > I don't use the unix password change option in the samba conf, because > I'm using the LDAP to store the users, and anyway only I'm the only one > user who > needs to logon from the Unix side to the server, so I don't need to > synchronize these ! > > I guess somewhere I'm wrong , but maybe not, please help me folks ! > > Thanks in advance ! > > Env: RH7.2 - samba2.2.3.a - OPenLDAP 2.0.23-4 > > Best Regards ! > > Viktor Posta > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20020420/752e4741/attachment.bin
Viktor Posta
2002-Apr-22 01:23 UTC
[Samba] Samba+LDAP - must change password flag doesn't reseted
Hi !
When I want to force the user to change the password the following needed:
pwdCanChange: 0
pwdMustChange: 0
And after the password changin' it should look like this
pwdCanChange: 0
pwdMustChange: 2147483647
And the problem is that it stays like this after the pw change :
pwdCanChange: 0
pwdMustChange: 0
Best Regards !
Viktor Posta
Gonzalo Servat
<gonzalo@linuxaus To: Viktor
Posta/Hungary/Contr/IBM@IBMHU
.com> cc:
samba@lists.samba.org
Sent by: Subject: Re: [Samba] Samba+LDAP
- must change password flag doesn't reseted
samba-admin@lists
.samba.org
2002.04.21 04:55
Please respond to
Gonzalo Servat
Hi Viktor
Have you tried setting the following:
pwdCanChange: 0
pwdMustChange: 2147483647
... for the user?
HTH,
Gonzalo.
On Fri, 2002-04-19 at 02:28, Viktor Posta wrote:> Hi all !
>
> I have a working Samba PDC with an LDAP backend !
>
> The problem, is taht, when I set the on the user account the Must Change
> Password flag to 1, the it works,
> and at the next logon the user gets an answer, that you password will
> expire today !
>
> Okay, change the password, everithing is OK, password changed...
>
> At the next logon the password change window come up again... and
> again....
>
> - The password last set value, has been changed after a password change
> - The password really changed, so next time I can logon with the new one
> - The password must change value didn't change it is the same as
before
> the pw change
>
> The following error has been logged to the log file of the WS after the
> password change
>
> [2002/04/18 18:02:55, 0] passdb/passdb.c:pdb_free_sam(210)
> pdb_free_sam: SAM_ACCOUNT was NULL
>
> FYI:
> I don't use the unix password change option in the samba conf, because
> I'm using the LDAP to store the users, and anyway only I'm the only
one
> user who
> needs to logon from the Unix side to the server, so I don't need to
> synchronize these !
>
> I guess somewhere I'm wrong , but maybe not, please help me folks !
>
> Thanks in advance !
>
> Env: RH7.2 - samba2.2.3.a - OPenLDAP 2.0.23-4
>
> Best Regards !
>
> Viktor Posta
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
#### signature.asc has been removed from this note on April 22, 2002 by
Viktor Posta
stegbthmailing@tronicplanet.de
2002-Apr-22 14:24 UTC
[Samba] Samba+LDAP - must change password flag doesn't reseted
hi, we have the similar problem. we will modify $sambasource/examples/LDAP/ldapsync.pl to reset in all cases the pwdMustChange value in the next days. maybe we will also include cracklib before setting the password, the only point is , how to give a reasonable feedback to the user, if the password change fails cause it fails through cracklib? greetings thomas ------------------------------------------------- This mail sent through encrypted https://webmail.tronicplanet.de