Hey all,<br><br>We are running openldap and samba on RHEL5. The end users passwords appear to silently expire and lock them out of their RHEL5 servers. The only way to get the user back in is for one of the admins to reset the password for the user on the samba server like this:<br>
<br>smbldap-passwd $USER<br><br>We have tried some things like to disable expiration but it has not helped. At the moment we are looking for a way to reset the accounts so that they stop expiring at unopportune times so that we stop the flood of support issues and then deal with the problem in a different manner.<br>
<br>Tried this among other commands:<br>smbldap-usermod -B -! $USER<br><br>Here is a before an after password reset dump of user data.. After diffing the results I noticed the sambaPwdLastSet value changed. I have looked for a way to manually set this to alleviate the immediate problem at hand but have yet to find a method. There doesn't seem to be a way to do this using pdbedit or smbldap-usermod. Any ideas or suggestions on this one? <br>
<br>BEFORE password reset<br>smbldap-usershow wendi<br>dn: uid=wendi,ou=Users,dc=turbocorp,dc=com<br>objectClass: top,person,organizationalPerson,inetOrgPerson,posixAccount,shadowAccount,sambaSamAccount,inetLocalMailRecipient<br>
cn: Wendi <br>sn: Stilskin<br>givenName: Wendi<br>uid: wendi<br>uidNumber: 1138<br>gidNumber: 1001<br>homeDirectory: /home/wendi<br>loginShell: /bin/bash<br>gecos: Wendi Stilskin<br>sambaLogonTime: 0<br>sambaLogoffTime: 2147483647<br>
sambaKickoffTime: 2147483647<br>sambaPwdCanChange: 0<br>displayName: Wendi Stilskin<br>sambaSID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaProfilePath: \\SAMBA\profiles\wendi<br>sambaHomePath: \\SAMBA\wendi<br>sambaPrimaryGroupSID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>
sambaHomeDrive: Z:<br>mailLocalAddress: wendi<br>mail: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaLMPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaPwdLastSet: 1235589930<br>
sambaPwdMustChange: 1251141930<br>userPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaDomainName: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaAcctFlags: [XU]<br><br>AFTER password reset<br>smbldap-usershow wendi<br>dn: uid=wendi,ou=Users,dc=turbocorp,dc=com<br>
objectClass: top,person,organizationalPerson,inetOrgPerson,posixAccount,shadowAccount,sambaSamAccount,inetLocalMailRecipient<br>cn: Wendi Stilskin<br>sn: Stilskin<br>givenName: Wendi<br>uid: wendi<br>uidNumber: 1138<br>gidNumber: 1001<br>
homeDirectory: /home/wendi<br>loginShell: /bin/bash<br>gecos: Wendi Stilskin<br>sambaLogonTime: 0<br>sambaLogoffTime: 2147483647<br>sambaKickoffTime: 2147483647<br>sambaPwdCanChange: 0<br>displayName: Wendi Stilskin<br>sambaSID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>
sambaProfilePath: \\SAMBA\profiles\wendi<br>sambaHomePath: \\SAMBA\wendi<br>sambaPrimaryGroupSID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaHomeDrive: Z:<br>mailLocalAddress: wendi<br>mail: <br>sambaPwdMustChange: 1251141930<br>
sambaDomainName: TURBOCORP<br>sambaAcctFlags: [XU]<br>sambaLMPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>sambaPwdLastSet: 1251143775<br>userPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<br>
<br><br><br>Best regards,<br><br>J. D.<br>