Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Patrick Basile on September 25, 2001, 08:12:32 AM
-
Hello everyone,
Just a quick question. (sorry if this is stupid or simple, but it's been a long day)
I have my e-smith box setup as an NT PDC. Is there a way to force a user to change his/her password at first/next logon? I know this can be done on an NT4 server.
Thanks.
Regards,
Patrick
-
Hello,
Again, like my other "newbie" post, I guess this is too basic for responses. :) I'll dig around and get the answer, and post it here for those that follow in my steps.
Regards,
Patrick
-
anyone know how to do this? I really need to be able to force a password change wither on XP logon or webmail logon.
-
This is something that most of us want. Should the issue go into the feature requests or is there a way to do it?
-
On the prompt you could use a line like :
passwd -x 0 <userid>
-x <value>
Set maximum field for name. The max field contains the number of days that the password is valid for name. The aging for name will be turned off immediately if max is set to -1. If it is set to 0, then the user is forced to change the password at the next login session and aging is turned off.
another option:
-f
Force the user to change password at the next login by expiring the password for name.
-
Ok I tried both
passwd -x 0 user
and
passwd -x -1 user
but when I log into xp it does not ask me to change the password. Surely passwd changes t
e linux user and not the samba one? Also passwd -f just asks for a new password at the command prompt on the server.
Any ideas?
-
Didn't think clear...
Checked smbpasswd options... can't see any possibility to enforce this option. So it should become an option where PAM is forcing the user to the change the password and samba will follow the change.
I don't see any possibilities to do this quickly.
-
ok after some googling I have found that you can supposedly use
pdbedit --pwd-must-change-time=0 -u username
but this does not appear to work on my sme box
-
what about this style ?
pdbedit -P "maximum password age" -C 0 -u <username>
-
pdbedit -P "maximum password age" -C 0 -u test
Incompatible or insufficient options on command line!
-
ok I have found out why the pdbedit doesnt work. it requires you to have the samba passwd backend to be tdbsam and sme uses smbpasswd
anyone know if it's ok to upgrade sme to use tdbsam by changing smb.conf template and also using
pdbedit -i smbpasswd -e tdbsam
?
-
ok someone has already done this... going to test it on a vm...
http://forums.contribs.org/index.php?topic=34674.0