We are using a Samba domain controller with a Sun Directory Server 7 LDAP
backend and we observed that when an account was locked out on Windows, it
would not lock the account on Linux as well.
We are using Samba 3.0.33 on CentOS 5.3 and this is the change I made:
To configure samba to perform proper windows lockout in conjunction
with a linux lockout, we need to modify the samba source code to look
for the pwdaccountlockedtime rather than sambaKickoffTime
Download the source RPM for samba for the OS you're using. This example
uses samba-3.0.33-3.7.el5.src.rpm from CentOS 5.3
rpm -ivh samba-3.0.33-3.7.el5.src.rpm
cd /usr/src/redhat/SOURCES
tar -xzf samba-3.0.33.tar.gz
cd samba-3.0.33/source/lib
edit smbldap.c: look for sambaKickoffTime and change to
pwdaccountlockedtime (2 places)
cd /usr/src/redhat/SOURCES
rm samba-3.0.33.tar.gz
tar -czf samba-3.0.33.tar.gz samba-3.0.33
rm -rf samba-3.0.33
rpmbuild -bb /usr/src/redhat/SPECS/samba.spec (install any
dependencies i.e. cups-devel or do a --nodeps to ignore)
cd /usr/src/redhat/RPMS/x86_64
rpm -Uvh --replacepkgs --force samba*.rpm
I'm not sure if this issue was addressed in later versions of Samba. I'm just
posting this in case someone finds it helpful, or knows of a better/safer way
to accomplish the same thing.
Thanks.
Kevin Taylor
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
