Hi MJ, I will send you a patch to extend logging in the next few days.
Best regards Roland Am 1. Oktober 2020 21:13:33 MESZ schrieb mourik jan c heupink <li...@merit.unu.edu>: >Hi Roland, > >Yes I did that. I verified the attributes presence like this: >- login as my user >- tree view, expand CN=Users >- on the left, search for my user, and select it > >On the right now displays DN: CN=username... > >Then, on the right side: >1. confirm there is any contents (so we know we can access it) >2. check for the two attributes passwordexpirationtime and pwdreset > >No hurry, we can use 7.2 for the time being! > >MJ > > >On 01 October, 2020 20:58 CEST, Roland Gruber <p...@rolandgruber.de> >wrote: > >> Hi MJ, >> >> can you try to open tree view as the user and then open the user's >DN? >> Does it show any data? Maybe the user is not allowed to read his own >data? >> >> I just tried on a Samba 4 instance with a normal user - all fine >here. >> Will provide you a small patch to add more logging in case the test >> above does not help. >> >> >> Best regards >> >> Roland >> >> >> Am 01.10.20 um 20:21 schrieb mj: >> > Hi, >> > >> > Op 10/1/20 om 8:12 PM schreef Roland Gruber: >> >> just in case, the prompt can be disabled in server profile -> >General >> >> settings -> Server settings -> Advanced options. >> > Thanks! >> > >> > This is active directory, samba4, not sure if it matters. But: >> > >> >> LAM displays the prompt if: >> >> >> >> Reading the user's own DN results in a non-32 return code (no such >> >> object) >> > Not sure how I can tell if that's the case, but I'm guessing that's >not >> > the case. There is nothing special about the account. >> > >> >> AND >> >> ( No data was returned for the read request >> >> OR >> >> The user attribute "pwdreset" is set to TRUE >> > Attrib doesn't exist >> > >> >> OR >> >> The user attribute "passwordexpirationtime" is set and is in >the past >> > The attrib doesn't exist >> > >> >> Can you check in tree view if one of the attributes is set? The >> >> condition to return no data happens when a password change is >enforced >> >> via PPolicy. >> > Not sure about PPolicy... I only remember that from our openldap >days >> > that are long gone. >> > >> > Does lam log anything anywhere about why it would ask me to change >the >> > password..? >> > >> > MJ >> > >> > >> > _______________________________________________ >> > Lam-public mailing list >> > Lam-public@lists.sourceforge.net >> > https://lists.sourceforge.net/lists/listinfo/lam-public >> >> >> _______________________________________________ >> Lam-public mailing list >> Lam-public@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/lam-public > > > >_______________________________________________ >Lam-public mailing list >Lam-public@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/lam-public
_______________________________________________ Lam-public mailing list Lam-public@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lam-public
