Samba PDC + Openldap password policy
Hello,
This is my setup: Samba server (samba3x) on CentOS 5.5 OpenLdap server (2.3) on CentOS 5.5 Using smbldaptool to add/configure users I have been trying to figure out the password policy configuration; but getting confused by a lot of suggestions. Here is what I want: 1. Need a method to specify that the password set, will expire every, say, 45 days 2. Password must be of 8 characters long, minimum one uppercase, one numeric and one nonalphanumeric (in effect, the same rules when you reset your Linux password using passwd) 3. Users must be able to use the same password both from Windows and Linux; sufficient to change the password in one platform ie a password changed from one platform (Linux or Windows) must be available to the other platform. 4. If possible remind the user of password expiry through email. Can somebody please direct me to the right direction? Please let me know if you need more information in this regard. Thanks |
BUMP!!!
|
BUMP
|
Hi I'm trying to do the same thing, have you managed to figure it out ?
Thx |
Hi bobbywan,
Of all the four I figured out only the third point. If you change the password on a Linux platform using 'passwd' it changes the password in the LDAP but only for the Linux platforms. On the other hand if you change the password from a Windows workstation, it changes password both for Windows and Linux. Using 'smbldap-passwd' command on a Linux machine, changes password both for Windows and Linux. I have not figured out the rest. Though, I am not actively searching for them, I am still in need of them. I shall update this thread if I have found them out. Please do so if you figured the ways out to achieve them. Thanks |
Found out one more guys.
If you set the Code:
obey pam restrictions = Yes Code:
ldapsearch -x -b dc=example,dc=com "(uid=username)" | grep sambaPwdMustChange Code:
date -d @<timestamp> Cheers |
All times are GMT -5. The time now is 07:10 AM. |