Hi, I have setup samba on redhat 7.3 and configured it as a windows 2000 Primary Domain Controller. Everything works fine, however, everytime that Windows NT or 2000 clients log onto the domain they get a message stating that their password has expired and asking them if they want to change it. It doesn't matter if you answer Yes and change it or answer No and just continue on, the message appears everytime. Has anyone seen this before? Can anyone offer any advice. thanks, Ian -------------- next part -------------- HTML attachment scrubbed and removed
Ian Campbell wrote:> Hi, > > Primary Domain Controller. Everything works fine, however, everytime > that Windows NT or 2000 clients log onto the domain they get a message > stating that their password has expired and asking them if they want to > change it. It doesn't matter if you answer Yes and change it or answer > No and just continue on, the message appears everytime. > > Has anyone seen this before? Can anyone offer any advice. >i have had the same problem. it seems, that the pwdMustChange-value is by default set to 0. when using ldap, you can set this to something not so annoying, like 2147483647 (which is some 2*10^9 seconds after 1970 -- which in turn is somewhere in the far future) but of course, this is a dirty workaround too and you have to use ldap. i do not know, where (whether) the pwdMustChange is stored in the smbpasswd file. the man page indicates that it is not stored, only a pwdLastSet-value. i think this has no effect on your problem but go and try. in addition, i do not know how to enable a real password expiry (which might prove usefule sometimes...) mfg.c.sdr IOhannes> thanks, > > Ian >
Ian,
Replace the _space_ immediately following the U in the smbpasswd file with
"X" for each user. It's a bit of a pain, but it works.
change [U ]
to [UX ]
Regards,
Alan B. Moote
Systems Administrator
MARK IV Industries
tel: 905.624.7908
fax: 905.625.6197
<#!bash>
Win95: A 32-bit patch for a 16-bit GUI shell running on top of an
8-bit operating system written for a 4-bit processor by a
2-bit company who cannot stand 1 bit of competition.
"Ian Campbell"
<ICampbell@cymax. To:
<samba@lists.samba.org>
com.au> cc:
Sent by: Subject: [Samba] nt/2000
password has expired
samba-admin@lists
.samba.org
06/11/02 09:26 PM
Hi,
I have setup samba on redhat 7.3 and configured it as a windows 2000
Primary Domain Controller. Everything works fine, however, everytime that
Windows NT or 2000 clients log onto the domain they get a message stating
that their password has expired and asking them if they want to change it.
It doesn't matter if you answer Yes and change it or answer No and just
continue on, the message appears everytime.
Has anyone seen this before? Can anyone offer any advice.
thanks,
Ian
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Copyright (c) 1996-2001 GeCAD The Software Company. All rights reserved. Registered version for 2 domain(s). Running on host: ariel - ----------------------- RAV Antivirus results - ----------------------- The infected file was saved to quarantine with name: 1023942325-RAV21438. The file (part0001:)->(IFRAME0) attached to mail (with subject:[Samba] Language) sent by samba-admin@lists.samba.org to boghi@aectra.ro, is infected with virus: HTML/IFrame_Exploit*. Cannot clean this file. The file was successfully deleted by RAV AntiVirus. - ------------------------ this is a copy of the e-mail header: Received: from samba.sourceforge.net (HELO lists.samba.org) (198.186.203.85) Received: from va.samba.org (localhost [127.0.0.1]) Scan engine 8.7 () for i386. Last update: Mon Jun 10 12:04:24 2002 Scanning for 68836 malwares (viruses, trojans and worms). - -- Bogdan Seica T&IT Manager Aectra Romania Tel: +401.312.27.89 Fax: +401.312.08.29 www.aectra.ro -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9CEm9EG/cLdD7xJYRAtaWAKCMKTCHidcPqaavJJtO4z8TzpYaYgCdEGNe DfSPXNgT1MBHFSTIdzgXXM4=jf2q -----END PGP SIGNATURE-----