FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 09-06-2012, 03:25 PM
David Hoskinson
 
Default Expired password still allows samba login

We have discovered that if a 389 ldap account expires due to age, that the user can still use 389 authentication to login to our samba setup.¬* I have set back in time the passwordexpirationtime and sambapwdlastset variables to see if this
blocks access.¬* It does deny ldap login, but samba can still access for same account.¬* Is there something we are missing in our schema in 389 or smb.conf file that will force samba to use the expiration date.

¬*

Our system levels are Oracle Linux 5.5

¬*

389 Files

¬*

389-ds-base-1.2.8.3-1.el5

389-ds-console-doc-1.2.5-1.el5

389-ds-base-libs-1.2.8.3-1.el5

389-adminutil-1.1.13-1.el5

389-ds-console-1.2.5-1.el5

389-admin-console-1.1.7-1.el5

389-console-1.1.4-1.el5

389-ds-1.2.1-1.el5

389-admin-1.1.16-1.el5

389-admin-console-doc-1.1.7-1.el5

389-dsgw-1.1.6-1.el5

¬*

Samba Files on remote server

¬*

samba3-utils-3.6.3-44.el5

samba3-3.6.3-44.el5

samba3-client-3.6.3-44.el5

¬*

Thank you for your guidance…

¬*

¬*

David Hoskinson |
DATATRAK

Systems Engineer

Mayfield Heights, Ohio, USA¬*

+1.440.443.0082 x 124¬*(p)¬*|¬*+1.319.471.3689 (m)

david.hoskinson@datatrak.net¬*|¬*www.datatrak.net

¬*




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 05:36 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org