I am a self-made system administrator (we have a real one, too) with access to three FreeBSD servers on our Intranet, each dancing samba for Windows clients.
From time to time I experience that one or the other user cannot connect to his (her) own user directory on one or other server.
It seems as if the FreeBSD servers sometimes 'forget' user's passwords, or set new passwords automatically (which new passwords are not known to anyone). In such cases I have to set the old password of the user concerned and everything is OK again.
However, I am worried about the fact of mysteriously changing passwords.
Did anyone experience such behaviour with FreeBSD (or Samba)? What can be the reason?

that's ridiculous.

More than likely the problem is that the user changes
password on the windows machine? Unless you got password set to expire on the BSD boxes?
Also keep in mind samba has it's own password file.
I don't believe (by default) either the samba or Unix password is sync when the Win password is chagnes.

Well, that's ridiculous and I would really laugh if it was not me who has to re-set the original passwords from time to time.

And, actually not the samba password changes but the user password in FreeBSD, as once the password has changed the user cannot connect via SSH, either.

(Naturally, it is me who tries to connect via SSH just to give it a try, since the Windows users have never heard about SSH)

What's ridiculous about FreeBSD/Unix expiring passwords?

What are these accounts used for, are they just used for
samba shares, or do users actually login into them via
telnet, ssh, ftp etc?

The passwd man page (man passwd) discusss this under
"Password expiry information"

Check /etc/default, is there a file called sometihing like useradd? I

Unix may be cryptic, but it's not random.

I guess the reason i find it odd is that if that's the expiring passwords causing this, i'm not aware of a system that does that by default. seems the admin would have to enable that theirselves, no? So in that case they should be aware of it?

I've never heard of this happeing, in 7 years of working with *nix.

But I'm still waiting for a answer to the guestion about what type of accounts are talking about: users logging into shell accounts or accounts just used for samba?

The only other suggestion would be to post it a FreeBSD mail list. When you review the FreeBSD docs, you didn't
see anytihng?


BTW, If we were talking OpenBSD instead I wouldn't supprise be at all if Theo and the gang put password aging in my default

I hope you kids appreciate me doing you homework for you.

Take a close look at the these two entries from /etc/shadow;
davej is a standard user acouunt with no expiratiion.
timeout has the password/accouint set to expire on Aug 09, 2002.
Question what the difference between these two accounts setup?

slacker:root >> egrep "davej|timeout" /etc/shadow
davej:$1$Al8skv7x$7kMZUDeL9CZKpUwu3rbNz/:11875:0:99999:7:::
timeout:$1$AYE/GDw8$ibjg6ohOuvhUTn4jLk87j1:11877:0:99999:7::11908:

Now I've set the in active days to "13" notice the 13 in the /etc/shadow record:

timeout:$1$AYE/GDw8$ibjg6ohOuvhUTn4jLk87j1:11877:0:99999:7:13:11908