thr3ads.net - samba - [Samba] "refuse machine password change" policy [Sep 2006]

If this information is useful, please help other people find it:
Share via:

Bruno Nicolas Camussi

2006-Sep-27 16:46 UTC

[Samba] "refuse machine password change" policy

We have a PDC and BDC with Samba 3.0.23a and an LDAP backend. The
"refuse machine password change" policy was set on both (and both
restarted).

Computers on that domain seem to ignore the setting, as confirmed both
by a packet capture and by looking at it in the backend.

Is the policy fully supported in Samba? Any ideas?

Thanks!

John P Janosik

2006-Sep-28 14:28 UTC

head link

[Samba] "refuse machine password change" policy

> We have a PDC and BDC with Samba 3.0.23a and an LDAP backend. The
> "refuse machine password change" policy was set on both (and both
> restarted).
>
> Computers on that domain seem to ignore the setting, as confirmed both
> by a packet capture and by looking at it in the backend.
>
> Is the policy fully supported in Samba? Any ideas?
>
> Thanks!
It has been over a year since I looked at this, but at that time with
3.0.20 this setting only affected what Samba returned when a client asked
what the policy was, Samba did not enforce the policy on the server side.
In my testing clients only honored it and did not try to change their
machine passwords when the policy was set at the time they joined the
domain.

John Janosik

samba - Sep 2006 - "refuse machine password change" policy

[Samba] "refuse machine password change" policy

[Samba] "refuse machine password change" policy