I have a 2.2.17a system using Samba 4's AD back-end for its
authentication. Over the past few days a number of user account
passwords have expired. Where these are also Windows users they are
prompted to change their password at logon to their PC. However, for
web-only users, the SOGo logon just denies access now rather than
prompting for a change.
Is this the expected behaviour? I have tried with passwordPolicy = YES
(it was originally set to NO) and this does not seem to make any
difference. The following is logged in sogo.log when a user with an
expired password tries to connect:
Apr 29 10:56:37 sogod [860]: SOGoRootPage Login from '192.168.x.x' for
user 'username' might not have worked - password policy: 65535 grace:
-1 expire: -1 bound: 0
Users with unexpired passwords can log in fine with passwordPolicy set
to either YES or NO. SOGoPasswordChangeEnabled = YES is also set on the
server and works fine when the password is still within its lifetime.
Any assistance much appreciated,
Ian.
--
users@sogo.nu
https://inverse.ca/sogo/lists
