> If you add the ppolicy overlay you have a clean way to prevent password > changes for some acounts (through Windows, or any interface). > For instance one can use a pwdPolicy with pwdAllowUserChange: FALSE
Hi Thierry, I think I have the disallow change password issue figured out. I'm mostly concerned about changing through Windows... so I think everything you mentioned should work out. So thanks! However, I still can't figure out why accounts that are getting locked out due to bad password attempts aren't unlocking after the amount of time specified in the "lockout duration" policy in pdbedit. Has anyone heard of this before? Or is there anything at all I can check or try? Any help is most appreciated... because I'm starting to run out of ideas. Thanks! -Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
