Am 26.02.2010 14:51, schrieb Marcelo Terres:
Let me understand.
On Fri, Feb 26, 2010 at 6:52 AM, Martin Schmidt
<martin.schm...@uni-wuerzburg.de
<mailto:martin.schm...@uni-wuerzburg.de>> wrote:
hi again,
in my case it works now after setting the "maximum password age"
to a point far in future, but not to "never".
So this works:
pdbedit -P "maximum password age" -C 4294967294
This way, the message stops ?
see below.
but this not:
pdbedit -P "maximum password age" -C -1
I have also re-disabled the users account control property
"Password does not expire" using
pdbedit -r -c "[]" test
Unix username: test
NT username: Account Flags: [U ]
User SID: S-1-5-21-1200361472-1041780773-253280391-2648
Primary Group SID: S-1-5-21-1200361472-1041780773-253280391-513
Full Name: Home Directory: \\fecenter\test
HomeDir Drive: Q:
Logon Script: Profile Path: \\fecenter\profiles\test
Domain: LSFE
Account desc: Workstations: Munged dial:
Logon time: 0
Logoff time: never
Kickoff time: never
Password last set: Thu, 25 Feb 2010 10:35:29 CET
Password can change: Thu, 25 Feb 2010 10:35:29 CET
Password must change: Sun, 03 Apr 2146 18:03:43 CEST
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
I could have hit on it in a moment!
Disabling this policy the message stop too ?
I'm not sure what stoped the message eventually. But I think the first
one, the second procedure was only to undo my changes I have done while
testing.
Regards,
Martin
Regards ,
regards,
Martin
Martin Schmidt schrieb:
hi,
I tried pdbedit -P "maximum password age" -C -1, but with no
effect.
pdbedit -r -c "[X]" test and retyping the password via
"smbpasswd test" had also no effect, curiously "pdbedit -v
test" gives following:
Unix username: test
NT username: Account Flags: [UX ]
User SID:
S-1-5-21-1200361472-1041780773-253280391-2648
Primary Group SID: S-1-5-21-1200361472-1041780773-253280391-513
Full Name: Home Directory: \\fecenter\test
HomeDir Drive: Q:
Logon Script: Profile Path:
\\fecenter\profiles\test
Domain: LSFE
Account desc: Workstations: Munged dial:
Logon time: 0
Logoff time: never
Kickoff time: never
Password last set: Thu, 25 Feb 2010 09:47:06 CET
Password can change: Thu, 25 Feb 2010 09:47:06 CET
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
regards,
Martin
Gaiseric Vandal schrieb:
We had a few users with the same problem when we moved the
password backend from tdb to ldap. The following
command seem to fix it.
pdbedit -P "maximum password age" -C -1
On 02/24/2010 04:25 PM, Marcelo Terres wrote:
Samba 3.0.24 doesn't have the problem, maybe because
it doesn't support the
policies domain account (configured with pdbedit).
This feature starts in 3.0.25 and the problems with
password expiration
starts in the version either.
Regards,
Marcelo H. Terres
mhter...@gmail.com <mailto:mhter...@gmail.com>
****************************************
ICQ: 6649932
MSN: mhter...@hotmail.com <mailto:mhter...@hotmail.com>
Jabber: mhter...@jabber.org <mailto:mhter...@jabber.org>
http://twitter.com/mhterres
http://identi.ca/mhterres
****************************************
http://mundoopensource.blogspot.com/
http://www.propus.com.br
Sent from Porto Alegre, RS, Brazil
On Wed, Feb 24, 2010 at 2:38 PM, Martin Schmidt<
martin.schm...@uni-wuerzburg.de
<mailto:martin.schm...@uni-wuerzburg.de>> wrote:
Hi,
I have a very similiar problem, but the story is
an other:
I migrated from sles 10 sp2 samba 3.0.24 to ubuntu
9.10 server samba 3.4.3
(pdc). The user-accounts were moved following this
instruction:
http://www.cyberciti.biz/faq/howto-move-migrate-user-accounts-old-to-new-server/.
When some user now try to login to the domain from
a xp-client following
message appears at every login: "Your Windows
password has expired and must
be changed. You must change your password now!"
The user can change the
password and everything works fine. But at next
login the same story. This
happens only to some of the old users and to all
users created after
migration. Any idea what could be the reason for
this? I already searched a
lot but didn't find something like this.
Thanks for any info.
Regards,
Martin
Dipl.- Geogr. Martin Schmidt
Würzburg University
Department of Geography
Remote Sensing Unit
&
German Remote Sensing Data Center (DFD) at
German Aerospace Center (DLR) Oberpfaffenhofen
--------------------------------------------------------
Am Hubland
97074 Würzburg
phone: +49 (931) 31-88179
fax: +49 (931) 888-5544
eMail: martin.schm...@uni-wuerzburg.de
<mailto:martin.schm...@uni-wuerzburg.de>
Here my smb.conf:
[global]
#log file = /var/log/samba.%m
smb ports = 139 445
#root = administrator
#DOMAIN ADMINS = root, administrator
#----Allgemeine
Einstellungen--------------------------------------------------
#Workgroup
netbios name = XXX #netbios aliases = XXX
server string = XXX
workgroup = XXX
guest account = XXX
#-----Sicherheit--------------------------------------------------------------
#Nur Subnetz FE zulassen
hosts deny = XXX
hosts allow = XXX
#Nur die Ethernet Karte 0 und Loopback zulassen
interfaces = eth0 lo
bind interfaces only = yes
#Unbekannt Nutzer rejecten
#map to guest = Never
#Zugriff auf benutzerdefinierte Freigaben nicht
erlauben
#usershare allow guests = No
#Kommunikation der Clients mit Samba auf User Ebene
#Passwort - Backend
#passdb backend = tdbsam:/etc/samba/passdb.tdb
passdb backend= smbpasswd security = user
encrypt passwords = true smb passwd file =
/etc/samba/smbpasswd
passwd program = /usr/bin/smbpasswd %u
unix password sync = false
obey pam restrictions = yes
#Fuer bestimmte Nutzer gibts extra smb.conf Dateien
config file = /etc/samba/smb.conf.%U
#---- Roaming Profiles
-----------------------------------------------------
#Antworten auf WIN98/95 Anfragen
domain logons = Yes
logon path = \\%L\profiles\%U
logon drive = Q:
#logon script = logon.cmd
#---- Browsing und Domain Master (PDC)
-------------------------------------
#wins support = Yes
#wins server = XXX
#wins proxy = yes
#PDC im Subnetz
domain master = Yes
local master = Yes
preferred master = Yes
os level = 65
#client-side caching policy
#csc policy = disable
#----Benutzerverwaltung-----------------------------------------------------
#Hinzufuegen einer Maschine ueber die Methode
Benutzername/Passwort
#add machine script = /usr/sbin/useradd -c
Machine -d /var/lib/nobody -s
/bin/false %m$
#---Drucker----------------------------------------------------------------
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
#----Tuning-----------------------------------------------------------------
socket options = TCP_NODELAY IPTOS_LOWDELAY
#Zeit zur Unterbrechung der Verbindung
Server-Client bei Verlust des
Clients
deadtime = 10
#getwd cache = yes
#kernel oplocks = no
ldap suffix =
log level = 1
#Sonstiger Mist
#include = /etc/samba/dhcp.conf
dos charset = CP850
display charset = ISO8859-1
unix charset = ISO8859-1
#oplock break wait time = 20
#oplocks = no
#kernel oplocks = no
#---- Zeit-Server
----------------------------------------------------------
time server = true
###################################
# Anmeldung Freigaben #############
###################################
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
create mask = 0664
directory mask = 0775
[profiles]
comment = Network Profiles Service
path = /home/samba/windowsprofiles
hide files = /desktop.ini/
read only = No
browseable = No
guest ok = Yes
writable = Yes
printable = No
store dos attributes = Yes
create mask = 0700
directory mask = 0700
[netlogon]
comment = Network Logon Service2
path = /home/samba/netlogon/%g
guest ok = Yes
browseable = No
read only = No
writable = Yes
###################################
# Freigaben #######################
###################################
...
Marcelo Terres schrieb:
Hi.
I enabled policies with pdbedit. Password must
be changed every 90 days
and
must contain at least 8 characters. I enabled
password history too.
After that (I tried it in samba 3.4.3 and
3.0.25 with same behaviour)
every
time a user try to log in the domain using
Windows receives a "Your
password
expires today. Do you want to change it now ?"
message box. If the
password
is changed, the message appear again next time
the user try to login. If
the
user answers no the same thing happens in the
next login.
I tested it with a lot of users and changed
the passwords several times
and
the problem continues.
Anybody have some idea about this problem ?
Thanks in advance.
Regards,
Marcelo H. Terres
mhter...@gmail.com <mailto:mhter...@gmail.com>
****************************************
ICQ: 6649932
MSN: mhter...@hotmail.com
<mailto:mhter...@hotmail.com>
Jabber: mhter...@jabber.org
<mailto:mhter...@jabber.org>
http://twitter.com/mhterres
http://identi.ca/mhterres
****************************************
http://mundoopensource.blogspot.com/
http://www.propus.com.br
Sent from Porto Alegre, RS, Brazil
--
To unsubscribe from this list go to the following
URL and read the
instructions:
https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Marcelo H. Terres
mhter...@gmail.com <mailto:mhter...@gmail.com>
****************************************
ICQ: 6649932
MSN: mhter...@hotmail.com <mailto:mhter...@hotmail.com>
Jabber: mhter...@jabber.org <mailto:mhter...@jabber.org>
http://twitter.com/mhterres
http://identi.ca/mhterres
****************************************
http://mundoopensource.blogspot.com/
http://www.propus.com.br
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba