How to make Samba users change password on first use
I work on a small (200 node) network with a Samba file server. Password authentication is done against the passwd file on the file server, rather than on an LDAP server, for example. Clients are Win2K.
From time to time a user will lose/forget his/her password. In this instance, we normally reset the password and inform the user of what it is. What I would really like to do is ensure that the user can only use that "known" password once -- that he/she will have to change it to something only he/she knows the very first time it is used.
Lest you think I am being overly careful, our agency is spread out over 4 locations, has very high turnover of employees, and is required to comply with the fairly strict HIPAA electronic security guidelines. The server in question has private information on it that we are required to make available to only those who have a need to use it.
I have looked at various sources of Samba information, official and unofficial, and have read manual pages at length. I don't see how to do this. Is there someone out there who has solved this problem? Failing that, I'm open to suggestions for an alternative plan.