search for: sambamaxpwdag

Displaying 20 results from an estimated 41 matches for "sambamaxpwdag".

Did you mean: sambamaxpwdage
2009 Aug 20
1
LDAP errors with v3.0.34 using the LDAP schema file with Sun DS 5.2
...conn=-1 op=-1 msgId=-1 - User error: Entry "sambaDomainName=????????,??=???,??=???", attribute "sambalockoutthreshold" is not allowed ERROR<5897> - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry "sambaDomainName=????????,??=???,??=???", attribute "sambamaxpwdage" is not allowed The authentication is succdessful, yet these errors are logged multiple times. Checked in the schema file for SAMBA 3.0.x sent with Sun DS 5.2, and indeed, the attributes sambapwdhistorylength, sambalockoutthreshold, and sambamaxpwdage are not among those listed in the s...
2008 Sep 16
1
Samba LDAP entries for Password Change
Hi all, I have a question regarding the enforced change of passwords in Samba 3.0.28 (coming with Ubuntu Hardy) in connection with a LDAP backend. In particular, I am looking for a documentation how the fields sambaMinPwdAge, sambaMaxPwdAge (from sambaDomain), sambaPwdCanChange and sambaPwdMustChange (from sambaSAMAccount) interact. I would like to have the following: - when a new account is created, the user immediately must change the password when [s]he first logs in; - after that, the password shall expire after x days. Unf...
2008 Sep 17
1
WG: Samba LDAP entries for Password Change
Hello, This must be set in LDAP: sambaPwdCanChange=1 ;or you will never be asked to change your password sambaPwdLastSet=0 sambaPwdMustChange=0; on my Suse this must be set too try it out for your machine And how you' ve been told the sambaMaxPwdAge must be set. Greetings Daniel -----Urspr?ngliche Nachricht----- Von: samba-bounces+mueller=tropenklinik.de@lists.samba.org [mailto:samba-bounces+mueller=tropenklinik.de@lists.samba.org] Im Auftrag von Jorge Concha C. Gesendet: Dienstag, 16. September 2008 23:36 An: Albrecht Dre?; samba@lists.sam...
2018 Aug 09
2
LDAP SSL
...scope subtree # filter: sambadomainname=* # requesting: ALL # dn: sambaDomainName=suntech,dc=suntech objectClass: sambaDomain objectClass: sambaUnixIdPool sambaDomainName: suntech sambaSID: S-1-5-21-3936576374-1604348213-1812465911 sambaPwdHistoryLength: 0 sambaLockoutThreshold: 0 gidNumber: 10034 sambaMaxPwdAge: -1 sambaMinPwdAge: 0 sambaMinPwdLength: 5 sambaLogonToChgPwd: 0 sambaForceLogoff: -1 uidNumber: 10002 sambaNextRid: 10038 # server02, suntech dn: sambaDomainName=server02,dc=suntech sambaDomainName: server02 sambaSID: S-1-5-21-2631908330-1812305667-41686038 sambaAlgorithmicRidBase: 1000 objectCl...
2005 Nov 15
2
samba 3.0.21rc1 + ldap PDC - smbpasswd issue
...Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaPwdHistoryLength: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaMaxPwdAge: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaMinPwdAge: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=d...
2007 Jun 05
0
password aging policy vs. special cases
Greetings. I have just upgraded to samba 3.0.25a (from 3.0.24 AFAIR). I have also upgraded schema file in openldap's configuration directory. As I have had some more time I have discovered sambaMaxPwdAge and that it may be read with pdbedit in human readable form. Great :-) But what if I would like to force a user to change her password right at next login? I have tried to set sambaPwdMustChange to `date +%s` (I mean the number), but nothing happened. pdbedit still shows sambaPwdLastSet + sambaMa...
2011 Feb 01
1
Samba, LDAP, Windows XP - force passwordchange on first login
Hello, I was looking for the right ldap attribute and setting to force users to change there password when they log in for the first time. Can somewone point me to the syntax or doc I did not found yet? samba 3.5.4 and openldap-2.4.19 Thanks and regards, -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at filmakademie.de Filmakademie
2012 Nov 20
0
password expiration
Hello all, I have a test system with CentOS 6.2 running samba 3.5.10_125.el6 and OpenLDAP 2.4.23_20.el6. Password expiration is set as sambaMaxPwdAge: 5184000 and password aging works with a Windows 7 client. On a production system, I've got samba 3.5.10_115.el6_2 and openldap 2.4.23_20.el6 running on RHEL6.2. I have set sambaMaxPwdAge to 5184000 and it does not work consistently with clients. To illustrate, on the production system a...
2010 Apr 29
1
Novell Client forces password change, Ver. 3.5.2. and LDAP
...hout Novell) could login without any trouble. But if i try to login on a Novell-Client (using nwgina.dll instead of msgina.dll), i'm forced to set a new password and this is what we don't want. Users LDAP-Values for "sambaPwdMustChange" are quite old, but the LDAP-Value "sambaMaxPwdAge" for the object "sambaDomain" itself is set to "-1". As far as i understand, this should ever cover the "old-passwords-problem" and in indeed msgina.dll does not claim about old pwds. But nwgina seems to act in a different way. As we noticed in the nwgina.lo...
2008 Feb 20
1
sambaPwdMustChange attribute didn't get updated (3.0.27a)
...ssword preferences in policies -> accounts didn't got saved - only the password-length option got saved. After doing some research, i managed to solve this by adding the following LDAP attributes to the access rules in slapd.conf: sambaMinPwdLength sambaPwdHistoryLength sambaLogonToChgPwd sambaMaxPwdAge sambaMinPwdAge sambaLockoutDuration sambaLockoutObservationWindow sambaLockoutThreshold sambaForceLogoff sambaRefuseMachinePwdChange But one problem still exists: If Windows-users change their password via the normal Windows dialog, the password got changed in LDAP , also the sambaLastChange at...
2017 Feb 03
1
Samba standalone + openldap
...mbaDomainName: ///samba_server_name/// sambaSID: S-1-5-21-1471793353-708426617-xxxxxyyyyzzzz// // sambaAlgorithmicRidBase: 1000// // objectClass: sambaDomain// // sambaNextUserRid: 1000// // sambaMinPwdLength: 5// // sambaPwdHistoryLength: 0// // sambaLogonToChgPwd: 0// // sambaMaxPwdAge: -1// // sambaMinPwdAge: 0// // sambaLockoutDuration: 30// // sambaLockoutObservationWindow: 30// // sambaLockoutThreshold: 0// // sambaForceLogoff: -1// // sambaRefuseMachinePwdChange: 0/ # samba's attributes (objectclass) / sambaSamAccountsambaconfig, sambagroupmapping,...
2012 Aug 08
3
password change problem and no logon servers available
Hi, we are using SAMBA 3.6.1-1 (updating this archlinux machine is tooo ugly) and 3.6.6-1 on archlinux with the LDAP (Server version is 2.4.26-3) backend and manage the users, groups and computer by using the smbldap-tools. Currently we are experiencing the following problems: 1. changing the passwords takes longer than 30 seconds <- That's bad because we are using a gigabit ethernet
2018 Mar 05
2
Fwd: Migrating server
...ldif dn: sambaDomainName=mydomain,dc=mydomain sambaDomainName: mydomain sambaSID: S-1-5-21-3936576374-1604348213-1812434911 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain objectClass: sambaUnixIdPool sambaNextUserRid: 1000 sambaMinPwdLength: 5 sambaPwdHistoryLength: 0 sambaLogonToChgPwd: 0 sambaMaxPwdAge: -1 sambaMinPwdAge: 0 sambaLockoutDuration: 30 sambaLockoutObservationWindow: 30 sambaLockoutThreshold: 0 sambaForceLogoff: -1 sambaRefuseMachinePwdChange: 0 sambaNextRid: 1001 uidNumber: 10000 gidNumber: 10000 When I tried to add a Windows 7 machine to the domain I get " Unknown user or wro...
2018 Mar 01
3
Fwd: Migrating server
Yes please for the notes. I re-ran the tests without the smbldap-tools. I installed phpldapadmin and am able to login to the apache page using the cn=admin, dn=mydomain and create entries. This kind of tells me that LDAP is working Then I run the pdbedit -Lv and it lists all the users. The following happens when I add the LDAP bits to smb.conf and restart samba.The issue seems to be with samba
2018 Mar 02
1
Fwd: Migrating server
...t;> sambaAlgorithmicRidBase: 1000 >> objectClass: sambaDomain > I prefer to add here an auxiliary objectclass: sambaUnixIdPool > More later on > >> sambaNextUserRid: 1000 >> sambaMinPwdLength: 5 >> sambaPwdHistoryLength: 0 >> sambaLogonToChgPwd: 0 >> sambaMaxPwdAge: -1 >> sambaMinPwdAge: 0 >> sambaLockoutDuration: 30 >> sambaLockoutObservationWindow: 30 >> sambaLockoutThreshold: 0 >> sambaForceLogoff: -1 >> sambaRefuseMachinePwdChange: 0 >> sambaNextRid: 1002 >> >> >> >> >> ldapsearc...
2018 Mar 02
0
Fwd: Migrating server
...S-1-5-21-3936576374-1604338294-181246221 > sambaAlgorithmicRidBase: 1000 > objectClass: sambaDomain I prefer to add here an auxiliary objectclass: sambaUnixIdPool More later on > sambaNextUserRid: 1000 > sambaMinPwdLength: 5 > sambaPwdHistoryLength: 0 > sambaLogonToChgPwd: 0 > sambaMaxPwdAge: -1 > sambaMinPwdAge: 0 > sambaLockoutDuration: 30 > sambaLockoutObservationWindow: 30 > sambaLockoutThreshold: 0 > sambaForceLogoff: -1 > sambaRefuseMachinePwdChange: 0 > sambaNextRid: 1002 > > > > > ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=...
2011 Nov 08
1
Problem while log on: Windows Server 2008 R2 in samba domain
...://<pdc> -D uid=xxx,dc=xxx,dc=xxx,dc=xxx -W -LLL '(sambaDomainName=EVAN)' Enter LDAP Password: dn: sambaDomainName=EVAN,dc=xxx,dc=xxx,dc=xx objectClass: sambaDomain objectClass: sambaUnixIdPool sambaDomainName: EVAN sambaSID: S-1-5-21-1042031166-387543594-2118856591 sambaMinPwdAge: 0 sambaMaxPwdAge: -1 sambaLockoutThreshold: 0 sambaMinPwdLength: 5 sambaLogonToChgPwd: 0 sambaForceLogoff: -1 sambaLockoutDuration: 30 sambaLockoutObservationWindow: 30 sambaRefuseMachinePwdChange: 0 sambaPwdHistoryLength: 0 gidNumber: 3616 sambaNextRid: 1183 uidNumber: 12704 Thank you! Best, Alex
2014 Oct 24
1
Changing user account passwords using smbpasswd after password expiration
...7483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 sambaPwdLastSet: 1406347540 Also, I have sambaDomainName=WORKGROUP with entries like the following: sambaMinPwdAge: 0 sambaPwdHistoryLength: 0 sambaMinPwdLength: 6 sambaLogonToChgPwd: 2 sambaLockoutDuration: 1 sambaMaxPwdAge: 7776000 sambaLockoutObservationWindow: 1 sambaLockoutThreshold: 5 With these settings pdbedit shows the following output: # pdbedit -u USERNAME -v Unix username: USERNAME NT username: USERNAME Account Flags: [U ] User SID: **DELETED** Primary Group SID...
2010 Nov 04
2
samba and OpenLDAP ppolicy
I am looking for a way to enforce our password policy using our PDC with OpenLDAP. I have already configured ppolicy, just can not find a way to make it enforce it on the windows clients. Searches turn up little to go on. I must be searching for the wrong terms. Anyone have any pointers?
2007 Feb 27
1
Samba3 ldap password change
Hello to all, I got samba3 PDC working with ldap. But I' m still wondering how to set important things about the users passwords. The first thing when a user login the first time should be to change his/her password? Where do I set when the passwords expire and how do I set it to 60 days? I do not work mith Microsoft's usrmgr because of Vista clients.I look at my samba/ldap with LDAP