We have discovered that if a 389 ldap account expires due to age, that the user can still use 389 authentication to login to our samba setup.Â* I have set back in time the passwordexpirationtime and sambapwdlastset variables to see if this
blocks access.Â* It does deny ldap login, but samba can still access for same account.Â* Is there something we are missing in our schema in 389 or smb.conf file that will force samba to use the expiration date.

Â*

Our system levels are Oracle Linux 5.5

Â*

389 Files

Â*

389-ds-base-1.2.8.3-1.el5

389-ds-console-doc-1.2.5-1.el5

389-ds-base-libs-1.2.8.3-1.el5

389-adminutil-1.1.13-1.el5

389-ds-console-1.2.5-1.el5

389-admin-console-1.1.7-1.el5

389-console-1.1.4-1.el5

389-ds-1.2.1-1.el5

389-admin-1.1.16-1.el5

389-admin-console-doc-1.1.7-1.el5

389-dsgw-1.1.6-1.el5

Â*

Samba Files on remote server

Â*

samba3-utils-3.6.3-44.el5

samba3-3.6.3-44.el5

samba3-client-3.6.3-44.el5

Â*

Thank you for your guidance…

Â*

Â*

David Hoskinson |
DATATRAK

Systems Engineer

Mayfield Heights, Ohio, USAÂ*

+1.440.443.0082 x 124Â*(p)Â*|Â*+1.319.471.3689 (m)

david.hoskinson@datatrak.netÂ*|Â*www.datatrak.net

Â*




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users