similar to: Windows 10 password expiration

I have been working to get pdbedit to expire passwords. I have seen several bugs related to pdbedit (bugzilla bug 4630 for example) on 3.0.25 so I upgraded to 3.0.25a, the latest Samba version as of this writing. What I am trying to do is set a particular user's password to expire on a certain date. If that can't be done, the ability to set it to expire "now" would be my

I was thinking of maybe putting a request update password expire time on login and have a system user go find the expire times. with ldap or something? It could put a file in the users home directory with a timestamp of when the user's password expires. Ex: In the bashrc or tcshrc (the global ones) add a line like so touch /tmp/requestpwexpupdate/${USER} and have a cronjob the searches

Hi every one, I'm testing Samba4 with the guide posted on the wiki http://wiki.samba.org/index.php/Samba4/HOWTO#Step_1:_Download_Samba4, all our tests results ok but one of them crash: Group Policy works ok on a new organizational unit in deploy security task over desktop users but when i create a new user over this ou, with the dsa.msc group policy > Computer Configuration > Windows

Sorry, i came back on this, but: > In another, more generic, way: how password policies are enforced? still i need an answer on this question. I've done some tests, using my account, that pdbedit say: root at vdcsv1:~# LANG=C pdbedit -v gaio Unix username: gaio NT username: Account Flags: [U ] User SID:

I have a patch that enables "user password timeout" for 2.2.2. It works only for WinNT, Win2000 (tested and Samba on AIX and Linux) and I think with WinXP. It does not work with Win9x. You can download the patch from http://www.m-wohlfarth.de/Downloads/Samba/samba.html. I never had the problem with automatically expiring password as described in the originating message - I couldn't

On Fri, 3 Feb 2017 07:44:39 -0700 Jeff Sadowski via samba <samba at lists.samba.org> wrote: > This seems to work for maxPwdAge > > ldapsearch -LLL -Q -s base -h ad.mydomain.tld -b > dc=ad,dc=mydomain,dc=tld maxPwdAge > > now I just need to query a users pwdLastSetq > I tried the commands above but am not getting anything. I tried > looking at the ungrepped output

Hello, I?m currently having a problem where a non-root user can?t change his/her own password using smbpasswd command after the password expiration and would like to know how I could solve this problem. Currently, I have a samba server running on CentOS 6.5 with its passdb backend configured to another LDAP server. The samba version I?m currently using is samba-3.6.9-169 which should be the

Initially I had set password expiration to be 6 months using samba-tool, and used ADUC to tick the "password never expires" box on specific service accounts that I wanted to keep with the same password. What I found was that even with this box checked, the account's passwords did expire after 6 months. So it seems that the password settings configured by samba-tool apply to all

On Wed, 12 Oct 2016 21:16:02 +0000 Brandon Nishan via samba <samba at lists.samba.org> wrote: > Initially I had set password expiration to be 6 months using > samba-tool, and used ADUC to tick the "password never expires" box on > specific service accounts that I wanted to keep with the same > password. What I found was that even with this box checked, the >

Winner this worked wonderfully On Fri, Feb 3, 2017 at 8:51 AM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Fri, 3 Feb 2017 07:44:39 -0700 > Jeff Sadowski via samba <samba at lists.samba.org> wrote: > > > This seems to work for maxPwdAge > > > > ldapsearch -LLL -Q -s base -h ad.mydomain.tld -b > > dc=ad,dc=mydomain,dc=tld maxPwdAge

Sorry that was easy enough let seconds=`date -d "${EXPDATE}" "+%s"`-`date "+%s"` let days=$seconds/86400 echo $days > /na/homes/$1/.pwd_exp On Fri, Feb 3, 2017 at 11:15 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > Actually is there a way to show it more like a timestamp. It is hard to > compute days left with a date format like that. I

On Mon, 23 Oct 2017 16:52:05 +0200 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > > Sorry, i came back on this, but: > > > In another, more generic, way: how password policies are enforced? > > still i need an answer on this question. > > > I've done some tests, using my account, that pdbedit say: > > root at vdcsv1:~# LANG=C

Hi, I'm using Samba 3.2.5 on Debian Lenny, and I need to set the password for a certain user to expire on a specific date (not "now", it's a date in the future). When I was on Debian Etch I could use this: pdbedit -r -u user --time-format=%d-%m-%Y --pwd-must-change-time=<date> But it seems this option for pdbedit is not available anymore in the Samba version included

Hi folks, I knew this was recently discussed but I still couldn't get it to work. I still have the problem that the users on the W2K-Clients get the message about the password going to expire in 5 days when joining the Samba-PDC-Domain. Even if the users change the password, this message keeps coming... I have no idea what to do to avoid this message... Funny thing is, the password DOES NOT

Can I use samba-tool to globally set passwords to never expire like this: /usr/local/samba/bin/samba-tool domain passwordsettings set --max-pwd-age=0 Or do I have to set max age to some positive value and set expiration in ADUC when creating each user as "Password never expires"?

On my ubuntu machines I added auth required pam_exec.so /scripts/password_expire.sh to the beginning of /etc/pam.d/common-auth it looks pretty similar to what I did below. In the /etc/bash.bashrc I added a check to wait for the file to be less than 1 second old before looking at it. break out after 5 seconds in case something failed or is taking longer then it should. now people get

Dear Dovecot Team, I'm in the (long) process of migrating my whole email infrastructure. Of course, dovecot is in the place, and is working just fine. Still, I have an issue: password expiration. I'm now using FreeIPA backend for the user authentication, and it includes the capacity to expire passwords. Basically, it's an LDAP with fancy things, among them a field named

Greetings, I just recently set up a new server with samba and openldap authentication using smbldap. The passwords seem to be expiring after about 30 days. How do I set them so that they don't expire? Thanks, Onatawahtaw

Hello all, I have a test system with CentOS 6.2 running samba 3.5.10_125.el6 and OpenLDAP 2.4.23_20.el6. Password expiration is set as sambaMaxPwdAge: 5184000 and password aging works with a Windows 7 client. On a production system, I've got samba 3.5.10_115.el6_2 and openldap 2.4.23_20.el6 running on RHEL6.2. I have set sambaMaxPwdAge to 5184000 and it does not work consistently with

How are people handling password expirations in (non-pam) openssh? I'm currently running a program in the various startup scripts that reports to the user when their password will expire and runs passwd if that date is getting close. How are other people dealing with this? Is anyone working on integrating password changing into openssh? Is doing so even desired, since it's fairly trivial