> New users setup ok and first logon password change works. Because of > HIPAA we need the passwords to change every 30 days however this isn't > happening. > I thought that I had this working once upon a time while I was testing > and getting ready for production but somewhere along the line I must've > changed something. At any rate we're moving into production (3 > departments so far!) and this has come to my attention.
Have you tried setting a password change policy via pdbedit? > Other relevant data: > ldapsearch -x -b "dc=hrh,dc=org" "(ObjectClass=*)" > >current_ldapsearch.txt and looking up my account shows: > # jslittl, People, hrh.org > dn: uid=jslittl,ou=People,dc=hrh,dc=org > objectClass: top > objectClass: inetOrgPerson > objectClass: posixAccount > objectClass: shadowAccount > objectClass: sambaSamAccount > cn: jslittl > sn: jslittl > uid: jslittl > uidNumber: 1004 > homeDirectory: /home/jslittl > loginShell: /bin/bash > gecos: System User > sambaSID: S-1-5-21-1418864132-1159184377-506600700-3008 > description: domain admin > sambaKickoffTime: 0 > sambaPasswordHistory: > 00000000000000000000000000000000000000000000000000000000 > 00000000 > sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > sambaAcctFlags: [U ] > gidNumber: 512 > sambaPrimaryGroupSID: S-1-5-21-1418864132-1159184377-506600700-512 > sambaPwdMustChange: 2147483647 This is way more than 30 days into the future. > sambaPwdCanChange: 1116358396 > sambaPwdLastSet: 1116358396
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba