Displaying 20 results from an estimated 1000 matches similar to: "samba-tool : how to remove expiry date of an account"
2023 May 24
1
samba-tool : how to remove expiry date of an account
Hi Rowland, and many thanks for fast reply,
When using --noexpiry,
the userAccountControl is set to 66048, which disable expiry for
password as well (in MS console, "password never expires" is now
checked).
This means that the password expiry (let say, every 6 month)
will never popup again to the user, which is in my sense a wrong
behaviour.
Is there a way to change ONLY
2023 May 26
1
samba-tool : how to remove expiry date of an account
Hi Rowland and list,
I allow myself to give a UP to my message in
case someone has an idea.
Thanks,
--Oliver
Le 2023-05-24 15:55,
Olivier BILHAUT via samba a ?crit :
> Hi Rowland, and many thanks for
fast reply,
>
> When using --noexpiry,
> the userAccountControl is set
to 66048, which disable expiry for
> password as well (in MS console,
"password never
2024 Mar 22
1
Remove account noexpiry and use PSO again
On Thu, 21 Mar 2024 19:50:17 +0100
Kees van Vloten via samba <samba at lists.samba.org> wrote:
> Hi Team,
>
>
> I am using fine-grained Password Settings Objects (PSOs), set with
> 'samba-tool domain passwordsettings pso' to determine a.o. password
> expiry (max. pw. age), they are set on a group.
>
> A while ago I have set one user to never expire:
2024 Mar 21
1
Remove account noexpiry and use PSO again
Hi Team,
I am using fine-grained Password Settings Objects (PSOs), set with
'samba-tool domain passwordsettings pso' to determine a.o. password
expiry (max. pw. age), they are set on a group.
A while ago I have set one user to never expire: 'samba-tool user
setexpiry myuser --noexpiry'.
How do I remove 'noexpiry' from the user account and let the user follow
the PSO
2016 Apr 28
2
Password must change
What I want is to get definiri X user had the expiration date on a date
and Y user on another date, but this date I could set.
The date when you arrive, you have to change this password.
When I use the command
samba-tool user setexpiry USER - noexpiry
it change the "Password must change: Tuesday, 19 Jan 2038 01:14:07 GMT"
I would like to do this, so that setting the date.
Em
2016 Aug 29
5
set UPN / SPN from samba-tool.
Hai
After my squid group adventure, i have a remaining question here.
The problem was as followed. ( and this probely dont applie to squid kerberos helpers only. )
samba-tool setup for squid i used, was as followed.
samba-tool user create squid1-service --description="Unprivileged user for SQUID1-Proxy Services" --random-password
samba-tool user setexpiry
2016 Apr 28
1
Password must change
Sorry but I do not understand ....
:-O
Em 28-04-2016 16:55, Rowland penny escreveu:
> On 28/04/16 20:30, Carlos A. P. Cunha wrote:
>>
>> What I want is to get definiri X user had the expiration date on a
>> date and Y user on another date, but this date I could set.
>> The date when you arrive, you have to change this password.
>>
>> When I use the command
2015 Sep 03
2
dhcp errors - Re: dhcp example
First I am having a couple challenges with your script here:
On 09/03/2015 02:43 PM, Rowland Penny wrote:
>
> I thought that might be your next question, I wrote it, based on what
> I found here:
>
> http://blog.michael.kuron-germany.de/2011/02/isc-dhcpd-dynamic-dns-updates-against-secure-microsoft-dns/
>
>
> #!/bin/bash
>
> # /usr/local/sbin/dhcp-dyndns.sh
> #
2015 Sep 04
1
further testing - Re: dhcp errors - Re: dhcp example
This will be it for tonight...
Sep 3 20:35:30 homebase dhcpd: DHCPDISCOVER from 02:97:09:02:23:a2
(cubieboard2) via eth0
Sep 3 20:35:31 homebase dhcpd: DHCPOFFER on 192.168.192.21 to
02:97:09:02:23:a2 (cubieboard2) via eth0
Sep 3 20:35:31 homebase dhcpd: /usr/local/sbin/dhcp-dyndns.sh: line 17:
/var/log/dyndns.log: Permission denied
Sep 3 20:35:31 homebase dhcpd:
2017 Oct 08
1
bind9 and isc-dhcp-Server for dynamic DNS-updates Error
Hi Rowland, I resolve the problem partially.
The problem was due to the fact that I do not have winbind installed because Samba 4, Bind9 and isc-dhcp-server are on the same server.
I commented on these lines in the script dhcp-dyndns.sh and it worked (on commit and on release but not on expiry )
#TESTUSER=$(wbinfo -u | grep dhcpduser)
#if [ -z "${TESTUSER}" ]; then
# echo "No
2015 Feb 12
2
Samba4 kinit issue with principal and keytab file
Hi All !
Using Samba Version 4.1.12, updated from source from
4.0beta1
I've created a user, let say kerbuser, for a web server to
authenticate with kerberos and provide SSO to the end-users.
In my
example, my domain is MYDOMAIN.LOCAL, the apache server is
webserver.mydomain.local and the AD user is kerbuser
I've added a
principal on the user and exported everything in a keytab so
2018 Jul 18
3
Samba AD 4.8.3 Windows Server 2016 Active Directory Users and Computers: The procedure number is out of range
Hello Rowland,
> These shouldn't be set or are defaults:
> name resolve order = host
> passdb backend = tdbsam
> security = user
> domain logons = yes
> log level = 3
> os level = 64
> preferred master = yes
> local master = yes
> domain master = yes
> tls keyfile = key.pem
> tls certfile = cert.pem
> tls cafile = ca.pem
I kicked these out. I found
2002 Dec 08
1
Password expiry related clarification in OpenSSH3.5p1
fyi (i'm behind in following the passord expire efforts).
----- Forwarded message from Logu <logsnaath at gmx.net> -----
Date: Sat, 7 Dec 2002 02:42:52 +0530
From: "Logu" <logsnaath at gmx.net>
To: <stevesk at cvs.openbsd.org>
Cc: <kumaresh_ind at gmx.net>
Subject: Password expiry related clarification in OpenSSH3.5p1
Hello Stevesk,
We are using
2015 Aug 05
5
LDAP bindpw password
Hi.
I'm using Samba 4 on two Zentyal servers as Domain Controller and now
I have to authenticate some services to it (Apache and PAM in
particular).
The LDAP integration asks me for a LDAP bind password, but I cannot
find out where it is on Zentyal.
Is there a way to check (or change it) directly on Samba 4?
Or is it preferable to authenticate against Active Directory or Kerberos?
Thank you
2013 Oct 26
2
lost with AD auth
Hi all,
Well, I'm completely lost with AD authentification ...
server is :
Ubuntu 12.04.3 3.8.0-32-generic #47~precise1-Ubuntu
Samba 4.0.10 installed (and upgraded) via git, setup as unique Active
Directory Domain Controller
( -> how to upgrade to 4.1 via git ?? )
I 'just' would like that the local services (let's say only dovecot and
postfix) can query AD to authentifiate
2015 Sep 01
3
ldbadd with kerberos ticket => 00002020: Operation unavailable without authentication
Hi,
I'd like to use ldbadd with kerberos authentication using samba
4.2.3-SerNet-Debian-7.jessie, but it seems authentication is not being
processed. Executing...
kinit Administrator at INTERNAL.DOMAIN.TLD -k -t /etc/admin.keytab
root at dc01:/# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator at INTERNAL.DOMAIN.TLD
Valid starting Expires Service
2016 Oct 12
2
Samba-tool password expiration and service accounts
Initially I had set password expiration to be 6 months using samba-tool, and
used ADUC to tick the "password never expires" box on specific service
accounts that I wanted to keep with the same password. What I found was that
even with this box checked, the account's passwords did expire after 6
months.
So it seems that the password settings configured by samba-tool apply to all
2016 Feb 22
6
Kerberos Principal
Hi all,
I’m looking to add in a kerberos principal on my server for the AD domain.
I see there are ways to do this for user(s), but I don’t see how to add a principal for hosts.
In general, I’ld like to add something like the following to me 4.3.4 Domain:
ktpass -princ afpserver/fqdn at REALM -mapuser mapuser at domain +rndPass -out afpserver.keytab
This is for a netatalk server. I’ve never
2024 May 16
1
Security descriptors options of Group Policies
On 16-05-2024 18:46, Rowland Penny via samba wrote:
> On Thu, 16 May 2024 17:40:45 +0200
> Olivier BILHAUT <obilhaut at fondation-misericorde.fr> wrote:
>
>> Thanks Rowland for once again, an analysis that looks good.
>>
>> To you,
>> is there a workaround at this stage ?
> Not from myself,it has been years since I looked into this and only
> really got
2015 Feb 09
2
Samba4 - Corrupted group caused stop of replication - "Object class violation"
Hi Andrew,
Thanks for your reply.
We tried successfully the
--full-sync option from first to second DC. Unfortunately, afterwards
the second DC was still in a corrupted state. The "Deleted Objects"
still contained the ugly groups with the missing attribute...
So we
achieved to get a successfull replication after editing the "deleted
objects" with ldbedit. We have deleted