I've been fiddling lately with Samba 3 coupled with openldap, nss_ldap, pam_ldap and the smbldap-tools to create a PDC.
Following various examples, most things work, but I have an issue with changing passwords from Windows. If I manually change a password with smbldap-passwd, the script correctly adjusts the sambaPwdMustChange attribute according to what defaultMaxPasswordAge is set to. If I change the password through Windows, Samba presumably uses smbpasswd, because the sambaPwdMustChange attribute is then somehow set to only 2 days into the future. The same thing happens if I run smbpasswd manually. As a simple hack I even tried symlinking /usr/bin/smbpasswd to /use/local/sbin/smbldap-passwd, but samba *still* used it's own mechanism, which always ends up in sambaPwdMustChange being just a couple of days ahead. Meaning of course, if users will ever change their own passwords, the ldap record will manually need fixing. Is there a way I can get samba to use only the smbldap-passwd script or otherwise fix this so sambaPwdMustChange is set to defaultMaxPasswordAge from the smbldap-tools conf file, or at least something further ahead in the future than two days? -- Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba