Re: [Samba] How to get password expiration?
- Date: Wed, 1 Feb 2017 12:10:31 -0700
- From: Jeff Sadowski via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] How to get password expiration?
I want something like so on login
Last login: Wed Feb 1 10:47:53
Password Expires: Wed March 1 00:00:00
I just want them to know when their password expires.
On Wed, Feb 1, 2017 at 9:39 AM, mathias dufresne <infractory@xxxxxxxxx>
> You'd like to modify .bashrc to auto-disconnect user with expired
> password? I thought modern tools to use AD (SSSD, winbind, nslcd) would
> come with such a mechanism inside. I do believe to remember some Linux
> disconnecting me for "disabled user" or "expired password"...
> Anyway, don't put that into .bashrc, they can modify it. If you really go
> into that way, uses /etc/profile which is owned by root (normally).
> In AD (MS and Samba) I believe expiration is calculated. You take current
> date, you take pwdLastSet, you take password expiration policy and you
> check if password wasn't set to far from now.
> But I still believe a well written tool should manage these expirations
> automagically when it comes to tools responsible to retrieve users from AD.
> 2017-01-31 17:00 GMT+01:00 Jeff Sadowski via samba <samba@xxxxxxxxxxxxxxx>
>> my smb.conf looks as follows.
>> security = ads
>> realm = AD.MYDOMAIN.TLD
>> workgroup = AD
>> idmap config * : backend = tdb
>> idmap config * : range = 2000-7999
>> idmap config MIND:backend = ad
>> idmap config MIND:schema_mode = rfc2307
>> idmap config MIND:range = 8000-9999999
>> winbind nss info = rfc2307
>> winbind use default domain = yes
>> winbind enum users = yes
>> winbind enum groups = yes
>> restrict anonymous = 2
>> ldap server require strong auth = no
>> client ldap sasl wrapping = plain
>> I'm connected to an Windows 2008 based Active Directory environment
>> Is there a linux command users can run to get their password expiration
>> that they could run from their .bashrc files?
>> I searched the wiki and the mailing list but couldn't find what I am
>> looking for.
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
To unsubscribe from this list go to the following URL and read the