More info on the problem that users could access shares, but not login,
if their passwords were "expired" by days, but had "password never
expires" flagged.
During further experimentation, I discovered (I'm not a Windows person)
that in addition to flagging a user as "password never expires", there
is an account policy flag specifying the same thing globally. If the
account policy flag is set, the users can log in; if only the per-user
flag is set, they cannot.
So to refine my previous statement, it appears pam_winbind ignores the
per-user "password never expires" flag.
-- bill
(I'm reading the list in summary, so my apologies if someone else has
already commented on this.)
Bill Greene
Rubicon Group Ltd.
Oak Brook Illinois USA
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba