On Tue, 28 Apr 2015, Dmitri Pal wrote:
On 04/28/2015 12:17 PM, Christopher Lamb wrote:
May be you should consider managed entry plugin and make this
attribute be updated at the same time the standard password expiration
attribute is updated?
I wish to pick your brains on the attribute sambaPwdLastSet
We have a newly setup FreeIPA 4.1.0, with users and groups migrated from an
old 3.0.0 instance.
We are also running Samba to share files to Windows and OSX users. This
means that all the FreeIPA user accounts have the attribute
If this has the value 0, our users cannot map Samba shares, so we need to
make sure the value is a positive integer.
In an attempt to do this, I modified user.py, adding the attribute to the
takes_params for the class user as follows:
. . .
takes_params = (
. . .
doc=_('Date as an integer when the samba password was last set'
. . .
This works fine if I create a user via the CLI.
However if I create a user via the Web UI, or use the Web UI to reset a
user's password, then the attribute sambaPwdLastSet is set to zero.
So what scripts do I need to change to make sure the Web UI sets
sambaPwdLast Set to a positive value? (I don't want to run ldapmodify
scripts, or have to use Apache Directory Studio to hack the db..)
Or is there an altogether better approach to handling this field?
Dmitri, it is already updated -- we set it to 0 when admin changes
I've wrote an answer to Chris but forgot to CC: the list. I'll re-send
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project