LDAP Samba PDC Password Expired
Posted by Planet Malaysia on September 12, 2006
Yesterday I found one of my LDAPSamba PDC server user account was expired.
For example:
[root@planetmy]# pdbedit -Lv myusername
Unix username: myusername
NT username: myusername
Account Flags: [U ]
User SID: S-1-5-21-2849042050-2089538630-
1664923163-3015
Primary Group SID: S-1-5-21-2849042050-2089538630-
1664923163-423
Full Name: System User
Home Directory: \\pdcdomain\myusername
HomeDir Drive: H:
Logon Script: logon.bat
Profile Path: \\pdcdomain\profiles\myusername
Domain: PDCDOMAIN
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Sat, 14 Dec 2005 04:45:51 GMT
Kickoff time: Sat, 14 Dec 2005 04:45:51 GMT
Password last set: Mon, 11 Sep 2005 11:19:03 GMT
Password can change: 0
Password must change: Thu, 11 Sep 2006 11:19:03 GMT
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
First, you can change the password age with the command: “pdbedit – P “maximum password age” – C – 1″.
*account policy “maximum password age” description: Maximum password age, in seconds (default: – 1 => never expire passwords)
Please check here for pdbedit utility tutorial guide.
Secondly, you can edit “/etc/smbldap-tools/smbldap.conf” and change the default
“defaultMaxPasswordAge=”45″ if you are using smbldap-tools.
Lastly, you can try Phpldapadmin – web-based LDAP browser to manage your LDAP server. Login to phpldapadmin web page and look for the desire username and change sambaPwdMustChange to 2147483647 for password age to year 2038.
Possibly Related Posts:
- How to Install Webmin on OpenFiler
- lppasswd: Unable to open passwd file: Permission denied
- Missing /var/log/lastlog
- Telnet service_limit error
- How To Capture PUTTY Session Log
Comments
Leave a Reply