Hi Roland,
Sure!
My colleague also tried today, and he is prompted to change his password
as well.
Take care, stay healthy, and again: no big hurry!
MJ
Op 10/2/20 om 7:56 PM schreef Roland Gruber:
Hi MJ,
I will send you a patch to extend logging in the next few days.
Best regards
Roland
Am 1. Oktober 2020 21:13:33 MESZ schrieb mourik jan c heupink
<li...@merit.unu.edu>:
Hi Roland,
Yes I did that. I verified the attributes presence like this:
- login as my user
- tree view, expand CN=Users
- on the left, search for my user, and select it
On the right now displays DN: CN=username...
Then, on the right side:
1. confirm there is any contents (so we know we can access it)
2. check for the two attributes passwordexpirationtime and pwdreset
No hurry, we can use 7.2 for the time being!
MJ
On 01 October, 2020 20:58 CEST, Roland Gruber <p...@rolandgruber.de> wrote:
Hi MJ,
can you try to open tree view as the user and then open the
user's DN?
Does it show any data? Maybe the user is not allowed to read his
own data?
I just tried on a Samba 4 instance with a normal user - all fine
here.
Will provide you a small patch to add more logging in case the test
above does not help.
Best regards
Roland
Am 01.10.20 um 20:21 schrieb mj:
Hi,
Op 10/1/20 om 8:12 PM schreef Roland Gruber:
just in case, the prompt can be disabled in server
profile -> General
settings -> Server settings -> Advanced options.
Thanks!
This is active directory, samba4, not sure if it matters. But:
LAM displays the prompt if:
Reading the user's own DN results in a non-32 return
code (no such
object)
Not sure how I can tell if that's the case, but I'm guessing
that's not
the case. There is nothing special about the account.
AND
( No data was returned for the read request
OR
The user attribute "pwdreset" is set to TRUE
Attrib doesn't exist
OR
The user attribute "passwordexpirationtime" is set
and is in the past
The attrib doesn't exist
Can you check in tree view if one of the attributes is
set? The
condition to return no data happens when a password
change is enforced
via PPolicy.
Not sure about PPolicy... I only remember that from our
openldap days
that are long gone.
Does lam log anything anywhere about why it would ask me to
change the
password..?
MJ
------------------------------------------------------------------------
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
<https://lists.sourceforge.net/lists/listinfo/lam-public>
------------------------------------------------------------------------
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
<https://lists.sourceforge.net/lists/listinfo/lam-public>
------------------------------------------------------------------------
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
<https://lists.sourceforge.net/lists/listinfo/lam-public>
_______________________________________________
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
