On Tuesday 21 June 2005 09:26, Kurt Bechstein wrote: > > > The next question is about password aging. I have a client that would > > > like to have the user have to reset their password after 60 days. I've > > > seen some inklings online of being able to do with pdbedit, but the > > > documentation seems non-existent at best on how to do this. Maybe this > > > is also doable with a policy setup. I haven't actually tried that one > > > yet so if that works just let me know and I'll dig into that. Thanks > > > in advance. > > > > You can use either the NT4 Domain User Manager to manage all aspects of > > your user and group accounts, or you can use pdbedit from the command > > line. > > I've tried using the NT4 Domain Manager in conjunction with the tdbsam > backed but haven't had any luck as far as password aging goes. It > doesn't seem to be making any changes at least as far pdbedit -L -v > goes. Also, I've tried to change the max password age via pdbedit -P > "max password age" -C ????. However, according to M$'s documentation > this value is stored from 1-999 but this doesn't look like what the tdb > file is storing. What type of parameter do I need to pass to pdbedit to > enforce a 60 day password expiration? I'm doing this on Red Hat > enterprise 4 by the way. Thanks in advance.
The maximum password age is stored in seconds. 1 day == 86400 seconds The useful range that matches NT4 capabilities is 86400 - 86313600 sec (999 days). When you set this to never expire in NT4 it sets to 4294967295 sec. So, 60 days = 5184000 - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba