Steve Langasek wrote: > > On Thu, Sep 26, 2002 at 09:20:19PM +0200, Jelmer Vernooij wrote: > > On Thu, Sep 26, 2002 at 09:14:39PM +0200, Jean Francois Micouleau wrote about 'Re: >--wuth-tdbsam ?': > > > > On Thu, 26 Sep 2002, Gerald (Jerry) Carter wrote: > > > > > Anyone? > > > > > Why do we still have a configure flag for this since it is selectable > > > > at run time ? > > I guees it used to be optional since we didn't want to compile in > > unstable code. > > > > and tdbsam should be the default passdb backend in 3.0. We should remove > > > the smbpasswd file and provide a migration script. > > 'pdbedit -i smbpasswd -e tdbsam' does exactly that.. now we only need > > to document it :-) > > Is pdb importing from smbpasswd going to be fixed first so that > everyone's passwords don't expire 12 days after they upgrade? :)
The problem isn't actually tdbsam, it's smbpasswd. Smbpasswd is giving out dodgy made up values. See, we have a policy database that stores the 'max password age' etc, but we don't do 'last change time + max password age = must change time' yet. I was going to do that, but with a default value of 21 days, it would lock a lot of people out (who would certainly not be expecting it). Really, people have been using smbpasswd on the assumption that 'password does not expire' was implicity set. Possibly having an easy tool to set that on every account might be a good idea, but I'm just not sure. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
