Graham Leggett
2008-Mar-15 18:17 UTC
[Samba] sam_account_ok: Account for user 'user' password must change!
Hi all, After trying to migrate an LDAP based domain controller from an old RHEL4 machine to RHEL5.1 (running samba-3.0.26b), none of my users are still able to log in. The logfiles reveal this: [2008/03/15 21:12:50, 1] auth/auth_sam.c:sam_account_ok(172) sam_account_ok: Account for user 'minfrin' password must change!. [2008/03/15 21:12:50, 1] auth/auth_sam.c:sam_account_ok(172) sam_account_ok: Account for user 'minfrin' password must change!. [2008/03/15 21:12:50, 1] auth/auth_sam.c:sam_account_ok(172) sam_account_ok: Account for user 'minfrin' password must change!. The server didn't (and still shouldn't) enforce any password change policy. After some digging I have uncovered that samba as an LDAP domain controller has been broken since v3.0.25, but nobody has posted any definitive solutions that fix the problem. The following post suggests fiddling with "User Account Flags", but this adds an admin burden that will cause us to run into this problem again. http://lists.samba.org/archive/samba/2007-November/136374.html Does anyone know how to make samba behave as it did before v3.0.25? Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3287 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.samba.org/archive/samba/attachments/20080315/ce93780a/smime.bin