Hi Roland, Yes I did that. I verified the attributes presence like this: - login as my user - tree view, expand CN=Users - on the left, search for my user, and select it
On the right now displays DN: CN=username... Then, on the right side: 1. confirm there is any contents (so we know we can access it) 2. check for the two attributes passwordexpirationtime and pwdreset No hurry, we can use 7.2 for the time being! MJ On 01 October, 2020 20:58 CEST, Roland Gruber <p...@rolandgruber.de> wrote: > Hi MJ, > > can you try to open tree view as the user and then open the user's DN? > Does it show any data? Maybe the user is not allowed to read his own data? > > I just tried on a Samba 4 instance with a normal user - all fine here. > Will provide you a small patch to add more logging in case the test > above does not help. > > > Best regards > > Roland > > > Am 01.10.20 um 20:21 schrieb mj: > > Hi, > > > > Op 10/1/20 om 8:12 PM schreef Roland Gruber: > >> just in case, the prompt can be disabled in server profile -> General > >> settings -> Server settings -> Advanced options. > > Thanks! > > > > This is active directory, samba4, not sure if it matters. But: > > > >> LAM displays the prompt if: > >> > >> Reading the user's own DN results in a non-32 return code (no such > >> object) > > Not sure how I can tell if that's the case, but I'm guessing that's not > > the case. There is nothing special about the account. > > > >> AND > >> ( No data was returned for the read request > >> OR > >> The user attribute "pwdreset" is set to TRUE > > Attrib doesn't exist > > > >> OR > >> The user attribute "passwordexpirationtime" is set and is in the past > > The attrib doesn't exist > > > >> Can you check in tree view if one of the attributes is set? The > >> condition to return no data happens when a password change is enforced > >> via PPolicy. > > Not sure about PPolicy... I only remember that from our openldap days > > that are long gone. > > > > Does lam log anything anywhere about why it would ask me to change the > > password..? > > > > MJ > > > > > > _______________________________________________ > > Lam-public mailing list > > Lam-public@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/lam-public > > > _______________________________________________ > Lam-public mailing list > Lam-public@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/lam-public _______________________________________________ Lam-public mailing list Lam-public@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lam-public
