Issue #714 has been updated by Jarbas Peixoto Junior.
Jarbas Peixoto Junior wrote:
> When a password is changed and used by samba, it's interesting that the
> logged on Windows user received notification that your password has expired,
> but was not allowed to even change the password with a simple CTRL + ALT +
> DEL.
>
> The above same situation can be applied to Linux desktops.
>
> With the help of some attributes can force the user to know that your
> password has expired and at the same time does not allow it to be possible to
> change it in Windows / Linux. Thus the only alternative is to access the URL
> with that application, thus ensuring uniformity of validations.
>
> MaxPwdAge - Password Expiry (in days)
> MinPwdAge - How many days after I exchange again.
>
> Note: When MinPwdAge MaxPwdAge is larger than the exchange can be made only
> after the password expiration.
>
> A code snippet (from lib/functions.inc.php) with the suggested changes is
> below:
>
> [...]
A small change:
<pre>
# Shadow options
if ( $shadow_options['update_shadowLastChange'] ) {
$userdata["shadowLastChange"] = floor($PwdLastSet/60/60/24); # When
the password has been changed.
$userdata["shadowMax"] = floor($MaxPwdAge); # Max
Password Age (days).
$userdata["shadowMin"] = floor($MinPwdAge); # Min
Password Age (days).
$userdata["shadowWarning"] = 7; # How
many days before expiry will be warned
}
</pre>
----------------------------------------
Feature #714: Add some attibutes sambaSamAccount/shadowAccount
http://tools.lsc-project.org/issues/714
Author: Jarbas Peixoto Junior
Status: Assigned
Priority: Normal
Assigned to: Clément OUDOT
Category: Self Service Password
Target version: self-service-password-?
When a password is changed and used by samba, it's interesting that the logged
on Windows user received notification that your password has expired, but was
not allowed to even change the password with a simple CTRL + ALT + DEL.
The above same situation can be applied to Linux desktops.
With the help of some attributes can force the user to know that your password
has expired and at the same time does not allow it to be possible to change it
in Windows / Linux. Thus the only alternative is to access the URL with that
application, thus ensuring uniformity of validations.
MaxPwdAge - Password Expiry (in days)
MinPwdAge - How many days after I exchange again.
Note: When MinPwdAge MaxPwdAge is larger than the exchange can be made only
after the password expiration.
A code snippet (from lib/functions.inc.php) with the suggested changes is
below:
<pre>
...
$PwdLastSet=time(); # Today - now
$MaxPwdAge=45; # Password Expiry (in days)
$MinPwdAge=365; # How many days after I exchange again
# Set Samba password value
if ( $samba_mode ) {
$userdata["sambaNTPassword"] = make_md4_password($password);
$userdata["sambaPwdLastSet"] = $PwdLastSet; # Now
$userdata["sambaPwdMustChange"] = $PwdLastSet+$MaxPwdAge; # So
when the password is valid.
$userdata["sambaPwdCanChange"] = $PwdLastSet+$MinPwdAge; # When
you can change the password again.
}
...
# Shadow options
if ( $shadow_options['update_shadowLastChange'] ) {
$userdata["shadowLastChange"] = floor($PwdLastSet/60/60/24); # When
the password has been changed.
$userdata["shadowMax"] = floor($MaxPwdAge/60/60/24); #
Password Age (days).
$userdata["shadowWarning"] = 7; # How
many days before expiry will be warned
}
</pre>
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://tools.lsc-project.org/my/account
_______________________________________________
ltb-dev mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-dev
