Web lists-archives.com

Re: [Samba] remote password change, if password is expired

Hi Peer-Joachim,

we have a couple of users which "forget" to change the passwords even if
they get an reminder.
Normally we tell them to use a windows machine, where you can change
your password if it's expired.

But how can a remote user change his password if it's expired ?

Is there any secure solution for this  ?

"Normally we tell them to use a windows machine" -> so I'll assume you are on a Linux machine. I think you'll have to do your expired password update through an LDAP query. You can get some inspiration from this page [1] or from the bugzilla entry [2] of the recent security issue. In any case you'll need to have SSL, and I guess a valid (from your desktop point of view) certificate on your DC, to use this type of LDAP query.



[1] https://www.cs.bham.ac.uk/~smp/resources/ad-passwds/
[2] https://bugzilla.samba.org/show_bug.cgi?id=13272#c1

Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0)

Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba