samba-users May 2010 archive
Main Archive Page > Month Archives  > samba-users archives
samba-users: Re: [Samba] Samba4 and group policy password policy

Re: [Samba] Samba4 and group policy password policy

From: Andrew Dumaresq <dumaresq_at_nospam>
Date: Sat May 15 2010 - 12:17:44 GMT
To: Christophe Deze <>


I am not sure if this a bug or a feature with Samba, but what is
happening here is the LDAP server has the complexities in LDAP, and
changing the Group Policy doesn't seem to have any impact (at least I
wasn't able to fix it). I ended up having to manually edit the LDAP

Sadly I can't remeber how I modified ldap now. It was months ago.
Probably it would be easier to do modify the python script at install time.


On 05/15/2010 02:42 AM, Christophe Deze wrote:
> Hello
> I had the same problem during my test of samba.
> I disabled complexity requierement ...
> I can't change password with a simple one.
> I miss something ?
> thanks
> Le 14/04/2010 14:31, Santiago Perez Agra a écrit :
>> Hi every one, I'm testing Samba4 with the guide posted on the wiki
>> all
>> our tests results ok but one of them crash:
>> Group Policy works ok on a new organizational unit in deploy security
>> task
>> over desktop users but when i create a new user over this ou, with the
>> dsa.msc group policy> Computer Configuration> Windows Settings>
>> Security
>> Settings> Account Policies> Password Policy> Password must need
>> complexity requirement set as "Not defined" but when dsa.msc asks you
>> about
>> the new password of the user it answer that you need to meet this
>> restrictions, this can be avoid with the linux samba command net newuser
>> ... but what does happen when a user is asked about to change your
>> password
>> because password age is next to expire ...
>> Our goal is to replace all windows XP desktops to ubuntu desktops but we
>> have a number of desktops that is not possible to change XP so we
>> need to
>> implement an AD alternative and Samba 4 is perfect, with group policy
>> support now.
>> Thanks a lot in advance to all of you

-- To unsubscribe from this list go to the following URL and read the instructions: