LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-12-2011, 09:59 AM   #1
guna_pmk
Member
 
Registered: Sep 2008
Posts: 220

Rep: Reputation: 5
Samba PDC + Openldap password policy


Hello,

This is my setup:

Samba server (samba3x) on CentOS 5.5
OpenLdap server (2.3) on CentOS 5.5
Using smbldaptool to add/configure users

I have been trying to figure out the password policy configuration; but getting confused by a lot of suggestions. Here is what I want:

1. Need a method to specify that the password set, will expire every, say, 45 days
2. Password must be of 8 characters long, minimum one uppercase, one numeric and one nonalphanumeric (in effect, the same rules when you reset your Linux password using passwd)
3. Users must be able to use the same password both from Windows and Linux; sufficient to change the password in one platform ie a password changed from one platform (Linux or Windows) must be available to the other platform.
4. If possible remind the user of password expiry through email.

Can somebody please direct me to the right direction?

Please let me know if you need more information in this regard.

Thanks
 
Old 04-14-2011, 06:18 AM   #2
guna_pmk
Member
 
Registered: Sep 2008
Posts: 220

Original Poster
Rep: Reputation: 5
BUMP!!!
 
Old 06-28-2011, 05:02 AM   #3
guna_pmk
Member
 
Registered: Sep 2008
Posts: 220

Original Poster
Rep: Reputation: 5
BUMP
 
Old 11-03-2011, 11:37 AM   #4
bobbywan
LQ Newbie
 
Registered: Jan 2011
Location: Lille, France
Posts: 4

Rep: Reputation: 0
Hi I'm trying to do the same thing, have you managed to figure it out ?

Thx
 
Old 11-04-2011, 05:05 AM   #5
guna_pmk
Member
 
Registered: Sep 2008
Posts: 220

Original Poster
Rep: Reputation: 5
Hi bobbywan,

Of all the four I figured out only the third point.

If you change the password on a Linux platform using 'passwd' it changes the password in the LDAP but only for the Linux platforms. On the other hand if you change the password from a Windows workstation, it changes password both for Windows and Linux. Using 'smbldap-passwd' command on a Linux machine, changes password both for Windows and Linux.

I have not figured out the rest. Though, I am not actively searching for them, I am still in need of them. I shall update this thread if I have found them out. Please do so if you figured the ways out to achieve them.

Thanks
 
Old 01-09-2012, 04:27 AM   #6
guna_pmk
Member
 
Registered: Sep 2008
Posts: 220

Original Poster
Rep: Reputation: 5
Found out one more guys.

If you set the

Code:
obey pam restrictions = Yes
attribute in the [general] section in of smb.conf (and restart samba), samba will obey the pam password expiry (note that the users will immediately be denied access to samba resources and will be required to change their passwords, if the password has already expired on pam). To check the password expiry date of a user, issue

Code:
ldapsearch -x -b dc=example,dc=com "(uid=username)" | grep sambaPwdMustChange
This will display the password time in unix time stamp. To get the timestamp converted to a readable date issue

Code:
date -d @<timestamp>
I still have to figure out the password policy yet.

Cheers

Last edited by guna_pmk; 01-09-2012 at 04:29 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba Openldap PDC can not change password from Windows XP client huynguyen Linux - Server 2 01-04-2012 01:44 AM
Samba issue (SAMBA and OpenLDAP for PDC) nyu2009 Linux - Server 1 08-01-2009 12:00 PM
Cannot change password in Windows XP using Samba as a PDC jtyler1383 Linux - Server 3 09-11-2007 08:28 PM
Apply NT4 policy to XP machine with samba PDC paul_mat Linux - Networking 2 02-21-2006 07:50 AM
OpenLDAP & samba PDC paul_mat Linux - Networking 5 08-26-2005 01:01 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration