search for: shadowwarning

dear All, I'm trying to set Shadow options in Ldap with the help of phpLDAPadmin. This is *what I know : * */Shadowmax : /maximum nr of days a pw can be valid * /ShadowLastchange : /contains the last change of the shadow file * Shadowwarning : nr of days before expiration to warn user. *What I'm trying *to do is have the users 's passwork expire, that works ok. But how can I have them get a warning message? setting Shadowwarning doesn't seem to be doing it. Do I have to set Shadowexpire as well for this? *Also, *how can...

...tOrgPerson objectClass: person objectClass: organizationalPerson objectClass: top objectClass: sambaSamAccount cn: alexander-cristea sn: alexander-cristea uid: alexander-cristea homeDirectory: /home/kl-1g3/alexander-cristea gecos: "kl-1g3" loginShell: /bin/sh shadowMin: 1 shadowMax: 99999 shadowWarning: 14 sambaPwdMustChange: 1800000000 gidNumber: 112 sambaPrimaryGroupSID: S-1-5-21-3371203057-3264423045-2392767973-1225 uidNumber: 5248 sambaSID: S-1-5-21-3371203057-3264423045-2392767973-11496 sambaProfilePath: \\WILMA2\profile sambaAcctFlags: [UX ] The same user monday morning: # alexander...

...ss: inetOrgPerson objectClass: account objectClass: top objectClass: posixAccount objectClass: shadowAccount objectClass: sambaAccount uid: rkhan uidNumber: 1040 gidNumber: 1000 givenName: R sn: Khan cn: R Khan homeDirectory: /home/employees/rkhan loginShell: /bin/false gecos: R Khan shadowMax: 900 shadowWarning: 7 shadowInactive: 2 ou: IT shadowLastChange: 12101 userPassword:: secret rid: 3236 smbHome: \\xo\homes AFTER (BAD): dn: uid=rkhan,ou=Employees,dc=wildpackets,dc=com objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: account objectClass: top objectClass:...

...his way in LDAP: dn: uid=root,ou=People,dc=virginiabeach,dc=net objectClass: top objectClass: account objectClass: posixAccount objectClass: shadowAccount objectClass: sambaAccount uidNumber: 0 gidNumber: 0 homeDirectory: /home/root loginShell: /bin/bash gecos: root shadowLastChange: 0 shadowMax: 0 shadowWarning: 0 userPassword: {SSHA}GN3hrCs7c8Kgd93df23838hHH uid: root pwdLastSet: 1057974221 logonTime: 0 logoffTime: 2147483647 kickoffTime: 2147483647 pwdCanChange: 2147483647 pwdMustChange: 2147483647 displayName: root cn: root smbHome: \\MY_PDC\homes homeDrive: Z: scriptPath: logon.cmd profilePath: \\MT-P...

Hello, there are a some fields in my LDAP-Tree, I do not understand. What can I do with this fields? # sambaKickoffTime # sambaLogoffTime # sambaLogonTime # sambaMungedDial Is there any endeavor by the maintaner to use the following fields? # shadowExpire # shadowLastChange # shadowMax # shadowWarning by, matze

...mel at pasteur.fr> | P?le informatique - syst?mes et r?seau -------- Here are some details about which attribute we're planning to use and their TCB equivalents uidNumber ~ u_id uid ~ u_name userPassword ~ u_pwd shadowLastChange ~ u_succhg shadowExpire ~ u_expdate shadowMax ~ u_life shadowWarning ~ u_exp [ shadowWarning = u_life - u_exp] plus the one we wrote : maxTries ~ u_maxtries [ maximum number of consecutive unsuccessful login attempts to the account that are permitted until the account is disabled ] numUnsucLog ~ u_numunsuclog [ number of unsuccessful login attempts to the...

...Computer Account objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount uidNumber: 1007 gidNumber: 1003 homeDirectory: /dev/null gecos: Computer Account loginShell: /sbin/nologin description: Computer Account shadowLastChange: 12372 shadowMin: 0 shadowMax: 99999 shadowWarning: 7 when I do a getent passwd the computer account data$ shows up in the listing so by all accounts the account exists. As for LDAP ACL the Samba admin has write access to the Computer ou in the Directory so it should be able to update the information. I did find out that in the ldap log it has:...

...r as I can remember, was user "anger": dn: uid=anger,ou=People,dc=nspuh,dc=cz objectClass: shadowAccount objectClass: person objectClass: inetOrgPerson objectClass: OXUserObject objectClass: posixAccount objectClass: top objectClass: sambaSamAccount uid: anger shadowMin: 0 shadowMax: 9999 shadowWarning: 7 shadowExpire: 0 cn: anger preferredLanguage: EN userCountry: Czech Republic mailEnabled: OK lnetMailAccess: TRUE OXAppointmentDays: 5 OXGroupID: 500 OXTaskDays: 5 OXTimeZone:: RXVyb3BlL3ByYWd1ZSA= loginShell: /usr/bin/ksh uidNumber: 270 gidNumber: 20 homeDirectory: /home/anger sambaSID: S-1-5-21...

...emember, was user "anger": dn: uid=anger,ou=People,dc=nspuh,dc=cz objectClass: shadowAccount objectClass: person objectClass: inetOrgPerson objectClass: OXUserObject objectClass: posixAccount objectClass: top objectClass: sambaSamAccount uid: anger shadowMin: 0 shadowMax: 9999 shadowWarning: 7 shadowExpire: 0 cn: anger preferredLanguage: EN userCountry: Czech Republic mailEnabled: OK lnetMailAccess: TRUE OXAppointmentDays: 5 OXGroupID: 500 OXTaskDays: 5 OXTimeZone:: RXVyb3BlL3ByYWd1ZSA= loginShell: /usr/bin/ksh uidNumber: 270 gidNumber: 20 homeDirectory: /home/anger sam...

...ype: 2 displayName: Domain Computers If I search for the user ldapsearch -x cn=sadmin -b dc=mydomain dn: uid=sadmin,ou=users,dc=mydomain uid: sadmin cn: sadmin objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount objectClass: sambaSamAccount shadowMax: 99999 shadowWarning: 7 loginShell: /bin/sh uidNumber: 1359 gidNumber: 1359 homeDirectory: /home/admin sambaSID: S-1-5-21-3936576374-1604348213-1812465911-1006 sambaNTPassword: B8AF1F54013E322D0A02F9B9FF4B5B1F sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 sambaAcctFlags: [U...

...Account objectClass: shadowAccount objectClass: sambaSamAccount cn: administrator o: TU Dresden ou: Professur Mikrorechner l: Dresden uid: administrator uidNumber: 511 gidNumber: 0 homeDirectory: /home/administrator loginShell: /bin/bash userPassword:: xxxxx shadowLastChange: 12286 shadowMax: 99999 shadowWarning: 7 sambaSID: S-1-5-21-3646860325-1815257157-3205558847-500 sambaPrimaryGroupSID: S-1-5-21-3646860325-1815257157-3205558847-512 sambaDomainName: MIKRORECHNER sambaHomeDrive: U: sambaHomePath: \\piggy\homes sambaProfilePath: \\piggy\profiles\administrator # nobody, people, mr.inf.tu-dresden.de dn: u...

...example,dc=local> with scope sub # filter: (objectclass=*) # requesting: ALL # # testuser, People, example.local dn: uid=testuser,ou=People,dc=example,dc=local uid: testuser cn: Sean Cook objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 547 gidNumber: 500 homeDirectory: /home/testuser # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 I think the issue might be with PAM, because comparing all files I can think of doesnt point me to any differences except /etc/pam...

...idNumber: 513 uidNumber: 1177 sambaSID: S-1-5-21-2925918746-2661067204-1764633667-2002 sambaLMPassword: ED84DDFFD9A97C2ECA922D8A7EE0CA0B sambaAcctFlags: [U] sambaNTPassword: 079073B583031A7AAE5D5C2D049FC05A userPassword:: e1NTSEF9TEl6QXB1TEpkNDZ6N1hxWFFiNFhTWUtxbXZKcmMwOTU= shadowLastChange: 17038 shadowWarning: 4 shadowExpire: 17449 shadowMax: 99999 sambaKickoffTime: 1507597200 sambaPwdLastSet: 1476091342 sambaPwdMustChange: 2147483647 shadowMin: 99999 now, one server (4.2.10) fails, smbclient locally: SPNEGO login failed: Logon failure session setup failed: NT_STATUS_LOGON_FAILURE pdbedit -v ... Pr...

...d=anger,ou=People,dc=nspuh,dc=cz > objectClass: shadowAccount > objectClass: person > objectClass: inetOrgPerson > objectClass: OXUserObject > objectClass: posixAccount > objectClass: top > objectClass: sambaSamAccount > uid: anger > shadowMin: 0 > shadowMax: 9999 > shadowWarning: 7 > shadowExpire: 0 > cn: anger > preferredLanguage: EN > userCountry: Czech Republic > mailEnabled: OK > lnetMailAccess: TRUE > OXAppointmentDays: 5 > OXGroupID: 500 > OXTaskDays: 5 > OXTimeZone:: RXVyb3BlL3ByYWd1ZSA= > loginShell: /usr/bin/ksh > uidNumber: 270...

...;s. On ldap user in database: dn: uid=mesa,ou=People,dc=test,dc=com objectClass: account objectClass: posixAccount objectClass: top objectClass: sambaAccount objectClass: shadowAccount userPassword:: e2NyeXB0gSQxJDgwei9ONrpIJEtPSVM4dU9tei5aRkxJenZwVmlwdTE= shadowLastChange: 12485 shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 1001 gidNumber: 100 homeDirectory: /home/mesa gecos: ,,, uid: mesa pwdLastSet: 1078768943 logonTime: 2147483647 logoffTime: 2147483647 kickoffTime: 2147483647 pwdCanChange: 2147483647 pwdMustChange: 2147483647 displayName: mesa cn: mesa rid: 1001 primaryGroupID:...

...ectClass: posixGroup cn: students gidNumber: 401 dn: uid=someone,ou=People,dc=semenpadang objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount uid: someone cn: someone uidNumber: 101 loginShell: /bin/bash gecos: someone shadowLastChange: 12031 shadowMax: 99999 shadowWarning: 7 gidNumber: 401 homeDirectory: /home/someone userPassword: {SSHA}yGSX/Zk8kt9JV26qu9qh8DQuVPdcIkYu and my nsswitch.conf: passwd: files nisplus ldap shadow: files nisplus ldap group: files nisplus ldap hosts: files nisplus dns bootparams: nisplus [NOTFOUND=return] files ethers...

...sers,dc=grad,dc=br objectClass: posixAccount objectClass: inetOrgPerson objectClass: shadowAccount objectClass: sambaSamAccount uid: fulano cn: fulano da silva sn: Silva userPassword: {crypt}8hjnSm/xTf0ss uidNumber: 2795 gidNumber: 127 gecos: Fulano Da Silva shadowLastChange: 13012 shadowMax: 99999 shadowWarning: 7 sambaSID: S-1-5-21-3890934015-1816655379-4264717526-6590 homeDirectory: /export/home/fulano loginShell: /bin/bash sambaAcctFlags: [U ] Thanks! _______________________________________________________ Yahoo! Acesso Gr?tis: Internet r?pida e gr?tis. Instale o discador agora...

...Mary Alice sn: White mail: mawhite@mdah.state.ms.us objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount objectClass: hostObject userPassword:: xxxxxxxxxxxxxxxx shadowLastChange: 13923 shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 651 homeDirectory: /home/mawhite gecos: Mary Alice White structuralObjectClass: inetOrgPerson creatorsName: cn=Manager,dc=mdah,dc=state,dc=ms,dc=us host: roark host: welty host: manship host: archives4 gidNumber: 100

...: root cn: root sn: root mail: root@dc=mdah,dc=state,dc=ms,dc=us objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxx shadowLastChange: 13704 shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: root # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1

...the login process I am unsure about this. For completeness however hereby is the output of the smbldap-usershow for the user joni: dn: uid=joni,ou=Users,dc=xxxxx,dc=com uid: joni cn: joni objectClass: account,posixAccount,top,shadowAccount,sambaSamAccount shadowLastChange: 12613 shadowMax: 99999 shadowWarning: 7 uidNumber: 693 gidNumber: 501 homeDirectory: /home/joni sambaSID: S-1-5-21-1022628538-1959064621-2949423962-2386 sambaPrimaryGroupSID: S-1-5-21-1022628538-1959064621-2949423962-2003 sambaAcctFlags: [UX ] sambaPasswordHistory: 0000000000000000000000000000000000000000000000000000000000000...