Thanks. I will read up on this functionality in OpenLDAP. From what I've read so far, the default is to just update userPassword, but I will look into the modules or configuration options to add shadowLastChange to that.
Thanks again, A On Fri, 21 Jan 2005 09:09:27 +1100, Andrew Bartlett <[EMAIL PROTECTED]> wrote: > On Thu, 2005-01-20 at 15:00 -0500, Anthony Linux wrote: > > Question regarding what the smb.conf line ldap passwd sync = Yes actually > > does. > > > > I have a lab with mixed Win2k and RH9 computers running Samba 3 and > > OpenLdap. Right now we're having a problem with password expiration. > > Samba is working just fine and when a user changes their password, the > > date changes as well. > > > > But for Linux, however the password is being changed is not updating > > the shadowLastChange parameter. So even though the users are > > successfully changing their passwords (though Windows), the Linux > > boxes are denying access due to that parameter not being set. > > It is up to your LDAP sever to update these values. Samba makes a call > to the OpenLDAP defined (and internet-stadnard-proposed, I think) > password set extended operation. The LDAP server is expected to do > something sane . You may need to obtain/write some modules for OpenLDAP > to handle this. > > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Student Network Administrator, Hawker College http://hawkerc.net > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba