Displaying 20 results from an estimated 150 matches for "shadowlastchang".
Did you mean:
shadowlastchange
2006 Jun 15
1
shadowLastChange not updated
Hello,
We have an otherwise working Samba PDC+LDAP setup but for one minor
detail. The shadowLastChange is not updated when the user sets his
password from a Windows workstation (all the necessary Samba*-fields as
well as userPassword is updated in LDAP).
We've enabled 'ldap passwd sync = Yes' in smb.conf.
slapd.conf contains the appropriate access rule for the said field.
The 'pa...
2008 Sep 09
1
shadowLastChange problem with Samba+OpenLDAP
...change.
With the following settings in smb.conf:
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = New password:%n\nRetype new password:%n\n
unix password sync = no
...
1. When I change passwords from Windows, everything is fine except the
shadowLastChange field is never updated when shadowMax is nonzero.
So the password age feature is not functioning as expected.
2. Later I found shadowLastChange could be updated by smbldap-passwd, so I
changed
'unix password sync' from no to yes. In this case, change_oem_password()
will
return N...
2007 Sep 11
3
samba doesnt change shadowLastChange
Hello
I have a samba 3 working as a PDC with Ldap as a authentication backend.
I have a such problem, when user in windows try to change password to
samba by ctr+alt+delete, password is changing (password is also sync and
it works fine ), but the ldap attribute shadowLastChange doesnt change.
What is wrong?
thanks in advance
tim
2005 Jun 02
5
Samba Password Expiry Date
Hi,
i have configured a Samba PDC based on idealx.org.
now, whenever i set the sambaMustChangePassword flag to 0, then
from the subsequent logon, there is a popup urge me for changing password.
now, the problem is after i have changed the password, the
sambaMustChangePassword
is set to 2147483647(unix timestamp), which if i converted it into human
readable format, it will be 2038 year,
2007 Dec 07
1
CentOP 5.1 Problem with smbldap-passwd
.../smbldap-passwd line 285, <STDIN> line 2.
In 5.0 it works without errors.
I hope you can help me
Tanks,
Sebastian
Here is the part of the file
//////////////////////////////////////////////////////////////////////
# Update 'userPassword' field
if ( $update_unix_passwd ) {
my $shadowLastChange=int(time()/86400);
my $modify;
if ($< != 0) {
$modify = $ldap_master->modify ( "$dn",
changes => [
replace =>
[userPassword => "$hash_password"],...
2007 Jun 18
3
decode_pw_buffer: incorrect password length
...My problem: when a user changes his password from a windows-client
(xp) he get an error like "The User name or old password is incorrect.
Letters in passwords must be typed using the correct case."
The strange is that the server *did* change both Linux and Windows
passwords and the shadowLastChange and sambaPwdLastSet attributes also.
So all is ok anly i get this "stupid" message.
In the samba-logs i see this:
[2007/06/18 08:59:08, 0] libsmb/smbencrypt.c:decode_pw_buffer(520)
decode_pw_buffer: incorrect password length (-1582166334).
[2007/06/18 08:59:08, 0] libsmb/smbencrypt...
2005 Apr 04
1
Unix-password-sync in LDAP?
Hello,
how can I change the user-passwords correctly in my OpenLDAP during
Windows-password-change?
My problem: The script does only change "userPassword", but not the
field "shadowLastChange", so my unix-passwords
expired.
unix password sync = yes
passwd program = /etc/samba/scripts/ldap_userPassword_change %u
passwd chat = *New*password* %n\n *new*password* %n\n *Success*
#/etc/samba/scripts/ldap_userPassword_change
ldappasswd -x -h server-D
'uid=userPassChange,ou=adminis...
2010 Jul 26
1
OpenLDAP authentication, account expired when it's not.
I am trying to set up LDAP authentication for CentOS workstations, but
can't get it to authenticate properly. Authentication fails saying the
account has expired when I know for certain that it has not (e.g.
ldapsearch authenticated with the appropriate uid and password returns
shadowLastChange 14816 and shadowMax 99999).
The last time I did this seriously for authentication was using Apple iMacs
authentication against a SuSE Linux machine so it's entirely possible I'm
not doing the right thing today. Most of the sites where we're using ldap
and nss are not authentication,...
2016 Oct 04
4
samba with customized ldap backend
...uid='some numeric' instead of uid=username
like that;
dn: uid=102220,ou=User,dc=example,dc=com
uid: 102220
username: test1
cn: Test Account
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: sambaSamAccount
mail: test1 at cdac.in
shadowLastChange: 15587
loginShell: /bin/bash
uidNumber: 5345
gidNumber: 5345
homeDirectory: /home/test1
userPassword: {SSHA256}v7vlA8YYjJ27IbPQQa8eaChdHFcnw==
sambaPwdLastSet: 1473165911
sambaLMPassword: 7e58f6a33f8b3ef68ef354180a3a1da7
sambaSID: S-1-5-21-4079184197-2446238136-3299756537-1008
sambaAcctFlags: [UX...
2009 Nov 26
1
password expiration problem
...eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index sambaGroupType eq
index sambaSIDList eq
index uniqueMember eq
lastmod on
checkpoint 512 30
access to
attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
by dn="cn=admin,dc=workgroup" write
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to *
by dn="cn=admin,dc=workgroup" write
by * read
smbldap-usershow tommy
dn: uid=tom...
2018 Apr 26
2
Password change
...1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=testdom
olcAccess: {0}to attrs=sambaNTPassword,sambaPwdLastSet,sambaPwdMustChange
by dn="cn=admin,dc=testdom" write by self write by * none
olcAccess: {1}to attrs=shadowLastChange by self write by * read
olcLastMod: TRUE
smb.conf
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/s...
2011 Aug 11
1
LDAP - Shadow options
dear All,
I'm trying to set Shadow options in Ldap with the help of phpLDAPadmin.
This is *what I know :
* */Shadowmax : /maximum nr of days a pw can be valid
* /ShadowLastchange : /contains the last change of the shadow file
* Shadowwarning : nr of days before expiration to warn user.
*What I'm trying *to do is have the users 's passwork expire, that works ok.
But how can I have them get a warning message? setting Shadowwarning
doesn't seem to be doing it....
2003 Jun 26
0
Accounts randomly clobber on user add (LDAP, XP, Samba PDC)
...ectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
uid: rkhan
uidNumber: 1040
gidNumber: 1000
givenName: R
sn: Khan
cn: R Khan
homeDirectory: /home/employees/rkhan
loginShell: /bin/false
gecos: R Khan
shadowMax: 900
shadowWarning: 7
shadowInactive: 2
ou: IT
shadowLastChange: 12101
userPassword:: secret
rid: 3236
smbHome: \\xo\homes
AFTER (BAD):
dn: uid=rkhan,ou=Employees,dc=wildpackets,dc=com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: account
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
obje...
2003 Jul 12
0
Samba-2.2.8a & LDAP - Can't join Domain - SID mapping error
....conf
I set up a fake root user this way in LDAP:
dn: uid=root,ou=People,dc=virginiabeach,dc=net
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
uidNumber: 0
gidNumber: 0
homeDirectory: /home/root
loginShell: /bin/bash
gecos: root
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
userPassword: {SSHA}GN3hrCs7c8Kgd93df23838hHH
uid: root
pwdLastSet: 1057974221
logonTime: 0
logoffTime: 2147483647
kickoffTime: 2147483647
pwdCanChange: 2147483647
pwdMustChange: 2147483647
displayName: root
cn: root
smbHome: \\MY_PDC\homes
homeDrive: Z:
scriptPath...
2004 Mar 23
1
LDAP-Schema??
Hello,
there are a some fields in my LDAP-Tree, I do not understand.
What can I do with this fields?
# sambaKickoffTime
# sambaLogoffTime
# sambaLogonTime
# sambaMungedDial
Is there any endeavor by the maintaner to use the following fields?
# shadowExpire
# shadowLastChange
# shadowMax
# shadowWarning
by,
matze
2005 Jan 20
1
What does "ldap passwd sync" do?
...ab with mixed Win2k and RH9 computers running Samba 3 and
OpenLdap. Right now we're having a problem with password expiration.
Samba is working just fine and when a user changes their password, the
date changes as well.
But for Linux, however the password is being changed is not updating
the shadowLastChange parameter. So even though the users are
successfully changing their passwords (though Windows), the Linux
boxes are denying access due to that parameter not being set.
So after saying all that, I am trying to get a handle on what "ldap
passwd sync" enables so that I can figure out if t...
2007 Oct 10
0
strange uid=domain\5Cuser ldap search requests
....
I have these messages in my slapd logs:
conn=14143 op=2 SRCH base="ou=XXX" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=domain\5Cuser))"
conn=14143 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn
homeDirectory loginShell gecos description objectClass shadowLastChange
shadowMax shadowExpire
conn=14143 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
always repeating exactly 3 times and then
conn=14143 op=5 SRCH base="ou=XXX" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=user))"
conn=14143 op=5 SRCH attr=uid userPassword u...
2016 Oct 24
1
password sync issues
...account (ou=User) (below is
sample ldif)
dn: uid=2011150,ou=User,dc=acer,dc=in
empID: 2011150
username: test1
cn: test1
centre: PN
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
oldempid: 1150
mail: test1 at acer.in
givenName: test1
uid: 2011150
shadowLastChange: 15590
loginShell: /bin/bash
uidNumber: 11150
gidNumber: 11150
homeDirectory: /mbox4.2/test1
userPassword: {SHA}1SrgdEGUPa/U6KM43Kq9xTgnI7A=
and another for samba tree (ou=samba) - (below is sample tree)
dn: uid=test1,ou=samba,dc=acer,dc=in
uid: test1
sambaSID: S-1-5-21-4079184197-2446238136-32...
2008 May 17
7
SAMBA PDC with LDAP backend syncing unix/samba accounts ...
...w when I try and login as normal user, which i have
enabled
with "smbldap-usermod -a yogesh"
smbldap-usershow yogesh
dn: uid=yogesh,ou=People,dc=biomax,dc=de
uid: yogesh
cn: yogesh
objectClass:
account,posixAccount,top,shadowAccount,sambaSamAccount
userPassword: {MD5}.SOMELONGHASH ....
shadowLastChange: 12900
shadowMax: 10000
loginShell: /bin/bash
uidNumber: 668
gidNumber: 100
homeDirectory: /sk-home/yogesh
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
displayName: System User
sambaSID: S-1-5-21-4...
2008 Sep 08
0
wrong userPassword hash generated by smbpasswd (pam_password=exop and smbk5pwd ) on a samba+ldap PDC running on FreeBSD
...ISO8859-15"
LC_NUMERIC="fr_FR.ISO8859-15"
LC_MONETARY="fr_FR.ISO8859-15"
LC_MESSAGES="fr_FR.ISO8859-15"
LC_ALL=
# smbpasswd testuser (#password here is "mdp")
New SMB password:
Retype new SMB password:
# smbldap-usershow testuser
dn: (...)
(...)
shadowLastChange: 14130
userPassword: {CRYPT}$1$lehDK9Nt$cIXRIoy4LWQJSXtzCmwyB1
sambaPwdLastSet: 1220843814
sambaLMPassword: 468f587067043edcaad3b435b51404ee
sambaNTPassword: 97c438f12af3ffc2f22bedc986962e6b
# openssl passwd -1 -salt 'lehDK9Nt'
Password: (input "mdp" as password)
$1$lehDK9Nt...