[389-users] Expired password still allows samba login
David Hoskinson
david.hoskinson at datatrak.net
Thu Sep 6 15:25:58 UTC 2012
We have discovered that if a 389 ldap account expires due to age, that the user can still use 389 authentication to login to our samba setup. I have set back in time the passwordexpirationtime and sambapwdlastset variables to see if this blocks access. It does deny ldap login, but samba can still access for same account. Is there something we are missing in our schema in 389 or smb.conf file that will force samba to use the expiration date.
Our system levels are Oracle Linux 5.5
389 Files
389-ds-base-1.2.8.3-1.el5
389-ds-console-doc-1.2.5-1.el5
389-ds-base-libs-1.2.8.3-1.el5
389-adminutil-1.1.13-1.el5
389-ds-console-1.2.5-1.el5
389-admin-console-1.1.7-1.el5
389-console-1.1.4-1.el5
389-ds-1.2.1-1.el5
389-admin-1.1.16-1.el5
389-admin-console-doc-1.1.7-1.el5
389-dsgw-1.1.6-1.el5
Samba Files on remote server
samba3-utils-3.6.3-44.el5
samba3-3.6.3-44.el5
samba3-client-3.6.3-44.el5
Thank you for your guidance...
David Hoskinson | DATATRAK
Systems Engineer
Mayfield Heights, Ohio, USA
+1.440.443.0082 x 124 (p) | +1.319.471.3689 (m)
david.hoskinson at datatrak.net<mailto:david.hoskinson at datatrak.net> | www.datatrak.net<http://www.datatrak.net/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20120906/05ff3668/attachment.html>
More information about the 389-users
mailing list