similar to: Password expires every month even though 'Password Must Change' is set to 'never' (Samba+LDAP)

I'm helping a school district set up Samba for staff/student shares. The PDC/BDCs are running NT4. Samba is v 3.0.23a on Fedora Core 5 boxes. winbind is mapping the users. Access to shares through Windows clients or smbclient works perfectly. There is a desire to have some faculty access the server using, e.g., an ssh client (mostly for remote file access). When I try to log in

Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year,

I am currently running the latest build of samba-3.0.23a with a tdbsam backend. I have noticed for sometime now when I use pdbedit -c [X] username it sets the Account Flag X for password never expires but does not modify the Password must change for the user. Therefore even though the account flag is set the password still expires. Any thoughts would be greatly appreciated.

I've just found out that Samba (rather correctly) implements a nice and low password expiry date through the tdbsam backend, and I believe the "maximum password age" value. However, I can't, for the life of me, actually /set/ this thing. I've tried this: # pdbedit -u <username> -r -P "maximum password age" -C 100 And without the -r, and with various

On 02/02/2017 15:17, mathias dufresne wrote: > So, back to ldapsearch -Y GSSAPI (if your users generate kerberos > ticket at connection time) to retrieve LDAP attribute PwdLastSet. It's > not an UNIX timestamp, it should be called LDAP time stamp or 18-digit > LDAP timestamp... Aside: it's a Microsoft Win32 FILETIME. (The LDAP standard uses ISO times) pwdLastSet

I have found that when passwords are reset from a windows machine, the default password expiry period is around 40 days. I would like to change this to say 90 days, but have been unable to find a way. I tried the option "password expire time" but testparm doesn't seem to recognise it. There is nothing in the official Samba How-to about this. Has anyone managed to set thier

Hello, I want to set the expiry date for passwords for all users with one command. As --pwd-must-change-time only works for a single user and policy settings are not applied after a change, I was wondering how to solve this. Is the only way to write a script which runs "pdbedit --pwd-must-change-time..." for every user? greets Jimmy -- Andreas "Jimmy"

We have set option "password never expires" for a user with "pdbedit -u username -c "[X]"". The user must not change his password, but gets a message, that "Password expires today. Do you want to change". This is confusing. regards Mathias Wohlfarth

Hi, there is a "X" value for the acount flags in smbpasswd ... it means no password expiry! I found it on passdb/passdb.c. If it work?s, maybe I don?t no! Also the password expire time ist hard coded in passwd.c too ... set to infinity. Take a look at the passwd.c code! Regards, Thomas Gesendet von: samba-admin@lists.samba.org An: <samba@lists.samba.org> Kopie:

Hi Rowland, and many thanks for fast reply, When using --noexpiry, the userAccountControl is set to 66048, which disable expiry for password as well (in MS console, "password never expires" is now checked). This means that the password expiry (let say, every 6 month) will never popup again to the user, which is in my sense a wrong behaviour. Is there a way to change ONLY

I have a Domain controlled by a (Samba 2.2.2 upgraded to) Samba 2.2.3a PDC, with unix password sync = yes The PDC (on a Mandrake Linux 8.X box) does not use password ageing, and we don't want password ageing on our network. We have a mix of Windows 98, NT4 and 2000 client workstations. Unfortunately, some of the Windows 2000 users who log in to the domain have complained that Windows is

http://bugzilla.mindrot.org/show_bug.cgi?id=14 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #215 is|0 |1 obsolete| | ------- Additional Comments From dtucker at zip.com.au 2003-02-20 20:51 -------

Hi Elliot, I couldn't find anything related to smbpasswd expiry. Since u have "unix password sync = true", just a wild guess, if u could turn off password ageing in unix passwd file (man passwd for more detail) and see if problem persists. Rgds Gary Elliot wrote: > Hi guys... I setup samba 2.2.5 as a PDC ... I have w2k clients. It seems > that now I am prompted to change

Hi all, I have a couple of Samba 4 DCs on my network and I created a new service account LDAPReader on my DCs that my non-Samba third-party services such as Redmine successfully use to access AD via the LDAPS protocol. I have a couple of questions that relate to having service account of this nature implemented in Samba and I wondered if the group could possibly provide some advice? 1)

http://bugzilla.mindrot.org/show_bug.cgi?id=511 Summary: PublickKeyAuthentication failures when account password expires Product: Portable OpenSSH Version: 3.4p1 Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

I installed a new Linux server for remote user access using Ubuntu 14.04 and x2goserver, authenticating against our existing Samba 4.2.2 AD server. All was working beautifully for a couple of days, with myself and one other user. Then the other user's AD password expired, after which when they attempted to log in winbindd spiralled out of control. Ended up with several 100% CPU winbindd

http://bugzilla.mindrot.org/show_bug.cgi?id=14 ------- Additional Comments From dtucker at zip.com.au 2003-01-09 23:17 ------- Created an attachment (id=199) --> (http://bugzilla.mindrot.org/attachment.cgi?id=199&action=view) Implement password change via /bin/passwd in session. openssh-passexpire10.patch: * Implementes shadow and AIX password expiry. * Adds general expire_message

Hi guys, I'm battling to understand how the Samba4 user password expiry seems to tie in together and was hoping this could be clarified by someone for me please? Currently I have the following Samba4 domain policies in place... [root at headoffice ~]# samba-tool domain passwordsettings show Password informations for domain 'DC=abc-ho,DC=local' Password complexity: on Store plaintext

On Sat, 28 Oct 2023 11:54:34 +0200 Kees van Vloten via samba <samba at lists.samba.org> wrote: > > Op 28-10-2023 om 09:37 schreef Rowland Penny via samba: > > On Fri, 27 Oct 2023 23:48:22 +0200 > > Kees van Vloten via samba <samba at lists.samba.org> wrote: > > > >> Hi Team, > >> > >> Is it possible to make a LDAP-query that returns

I am working on a call-back solution where the initiating call should never be answered. I was doing this simply through the dial plan, sending a progress tone, and then dumping the channel, and firing off a DeadAGI which created a call file to make the callback. Now I've tried extending this so that an AGI is fired first to check for things - like no inbound ANI - and play a