| View previous topic :: View next topic |
| Author |
Message |
petrjanda
Veteran
Joined: 05 Sep 2003
Posts: 1557
Location: Brno, Czech Republic
|
 Posted: Wed Feb 16, 2005 7:52 am Post subject: samba: force user to change password on first logon |
 |
|
When I create an account, i want the user to change their password on the first logon. How do I do that?
_________________
There is, a not-born, a not-become, a not-made, a not-compounded. If that unborn, not-become, not-made, not-compounded were not, there would be no escape from this here that is born, become, made and compounded. - Gautama Siddharta |
|
| Back to top |
|
 |
Spooky Ghost
Apprentice
Joined: 19 Apr 2002
Posts: 210
Location: Bristol, United Kingdom
|
| Posted: Thu Feb 17, 2005 1:25 pm Post subject: |
|
|
| It depends on your password backend. If it is LDAP it should be a relatively small ldif to change the user account. It it is another method you could check the "obey pam restrictions" directive in smb.conf and then manually expire the user's password. |
|
| Back to top |
|
|
petrjanda
Veteran
Joined: 05 Sep 2003
Posts: 1557
Location: Brno, Czech Republic
|
| Posted: Thu Feb 17, 2005 11:12 pm Post subject: |
|
|
| Spooky Ghost wrote: | | It depends on your password backend. If it is LDAP it should be a relatively small ldif to change the user account. It it is another method you could check the "obey pam restrictions" directive in smb.conf and then manually expire the user's password. |
The backend is TDB. However while you are talking about LDAP, I always wondered whats the ldif?
_________________
There is, a not-born, a not-become, a not-made, a not-compounded. If that unborn, not-become, not-made, not-compounded were not, there would be no escape from this here that is born, become, made and compounded. - Gautama Siddharta |
|
| Back to top |
|
|
Spooky Ghost
Apprentice
Joined: 19 Apr 2002
Posts: 210
Location: Bristol, United Kingdom
|
| Posted: Fri Feb 18, 2005 12:13 pm Post subject: |
|
|
An LDIF is a structured data file which allows you to add/modify/delete LDAP directory entries. For example this would create the root entry for the samba backend:
dn: ou=Samba,dc=dingwall,dc=me,dc=uk
objectClass: organizationalUnit
objectClass: top
ou: Samba
description: Samba Domain Information |
|
| Back to top |
|
|
petrjanda
Veteran
Joined: 05 Sep 2003
Posts: 1557
Location: Brno, Czech Republic
|
| Posted: Fri Feb 18, 2005 12:51 pm Post subject: |
|
|
| Spooky Ghost wrote: | An LDIF is a structured data file which allows you to add/modify/delete LDAP directory entries. For example this would create the root entry for the samba backend:
dn: ou=Samba,dc=dingwall,dc=me,dc=uk
objectClass: organizationalUnit
objectClass: top
ou: Samba
description: Samba Domain Information |
arent there the samba ldap scripts that can do the same? ie. to change full name of a user account, or would this need to be done with ldif too?
_________________
There is, a not-born, a not-become, a not-made, a not-compounded. If that unborn, not-become, not-made, not-compounded were not, there would be no escape from this here that is born, become, made and compounded. - Gautama Siddharta |
|
| Back to top |
|
|
petrjanda
Veteran
Joined: 05 Sep 2003
Posts: 1557
Location: Brno, Czech Republic
|
| Posted: Wed Feb 23, 2005 10:57 am Post subject: |
|
|
If I set pwdMustChange to 0, wont it ask the user to change his password everytime he logs on?
_________________
There is, a not-born, a not-become, a not-made, a not-compounded. If that unborn, not-become, not-made, not-compounded were not, there would be no escape from this here that is born, become, made and compounded. - Gautama Siddharta |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
