Expired password still allows samba login
As i recall from my days as samba admin. Samba had its own attributes and you shold use smb* commands to set expiration of password.
Greg. 06-09-2012 17:26, "David Hoskinson" <david.hoskinson@datatrak.net> napisaÅ‚(a): We have discovered that if a 389 ldap account expires due to age, that the user can still use 389 authentication to login to our samba setup.Â* I have set back in time the passwordexpirationtime and sambapwdlastset variables to see if this blocks access.Â* It does deny ldap login, but samba can still access for same account.Â* Is there something we are missing in our schema in 389 or smb.conf file that will force samba to use the expiration date. Â* Our system levels are Oracle Linux 5.5 Â* 389 Files Â* 389-ds-base-1.2.8.3-1.el5 389-ds-console-doc-1.2.5-1.el5 389-ds-base-libs-1.2.8.3-1.el5 389-adminutil-1.1.13-1.el5 389-ds-console-1.2.5-1.el5 389-admin-console-1.1.7-1.el5 389-console-1.1.4-1.el5 389-ds-1.2.1-1.el5 389-admin-1.1.16-1.el5 389-admin-console-doc-1.1.7-1.el5 389-dsgw-1.1.6-1.el5 Â* Samba Files on remote server Â* samba3-utils-3.6.3-44.el5 samba3-3.6.3-44.el5 samba3-client-3.6.3-44.el5 Â* Thank you for your guidance… Â* Â* David Hoskinson | DATATRAK Systems Engineer Mayfield Heights, Ohio, USAÂ* +1.440.443.0082 x 124Â*(p)Â*|Â*+1.319.471.3689 (m) david.hoskinson@datatrak.netÂ*|Â*www.datatrak.net Â* -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users |
| All times are GMT. The time now is 06:04 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.