samba-users July 2010 archive
Main Archive Page > Month Archives  > samba-users archives
samba-users: [Samba] Changing password on unix client joined to

[Samba] Changing password on unix client joined to AD

From: Lorenzo Milesi <lorenzo.milesi_at_nospam>
Date: Tue Jul 27 2010 - 13:14:10 GMT
To: samba@lists.samba.org

Hi.

I've set up a Samba PDC on Debian, working fine with XP Clients.

I'm now trying to have a linux client join the domain. I managed to do that, but I cannot handle password expiration. When the domain pass is expired, in GDM I see a message "Your password is expired" but the user can log in anyway.

I used the following guide to configure my Linux client, which is an Ubuntu 10.04:
https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto

Configured PAM using pam-auth-update.
common-auth is:
auth [success=2 default=ignore] pam_unix.so nullok_secure
auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login use_first_pass

common-password
password [success=2 default=ignore] pam_unix.so obscure sha512
password [success=1 default=ignore] pam_winbind.so use_authtok use_first_pass

nsswitch.conf
passwd: files winbind
group: files winbind
shadow: files winbind
hosts: files dns

What should I change?
thanks
-- Lorenzo Milesi - lorenzo.milesi@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it -------- D.Lgs. 196/2003 -------- Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba