Bug 3975 - Samba client reports password expires when group policy says it never does
Samba client reports password expires when group policy says it never does
Status: RESOLVED DUPLICATE of bug 3969
Product: Samba 3.0
Classification: Unclassified
Component: winbind
3.0.23a
x64 Linux
: P3 major
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-07-28 13:10 UTC by Shannon Johnson
Modified: 2006-08-04 12:21 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Shannon Johnson 2006-07-28 13:10:33 UTC
We have a Windows 2003 R2 server with a group policy set so once the user changes their password for the first time, the password never expires. However, starting with Samba 3.0.23a (the last known good version that I tested was 3.0.21c), the user gets a message saying their password has expired and it prompted to change it. This message goes away if we manually check the "Password never expires" in the active directory for that user, but we can't do that until after the user changes their password for the first time (otherwise it removes the "User must change password" check).

The syslog says "pam_sm_acct_mgmt success but pam_winbind_new_authtok_reqd is set".
Comment 1 Shannon Johnson 2006-07-28 13:12:37 UTC
I tried 3.0.23a on both x86 and x86_64 platforms with the same results.
Comment 2 Shannon Johnson 2006-07-31 13:37:13 UTC
The temporary solution is to change the group policy to expire the password in 999 days, rather than never (or, as it turns out, is "0" days). It'd be nice if Samba could interpret the 0 days as "never" though...
Comment 3 Gerald (Jerry) Carter 2006-08-04 12:21:07 UTC

*** This bug has been marked as a duplicate of 3969 ***