I am using samba 3.0.25b and using tdbsam back end. I want to enforce
password policy "User must change password on next logon". I assume
this can be done by changing "password must change" value in the tdbsam
user record using pdbedit. But the below command is not working for me,
pdbedit --pwd-must-change-time="2010-01-01" \
Though i made it happen using net command.
Appreciate if you can give a solution for this :) Reportedly one of the official
maintainer of samba how to's claimed it is not working with 3.0.29 too..
On Friday 23 May 2008 06:21:56 am you wrote:
> > pdbedit --pwd-must-change-time="2010-01-01" \
> > --time-format="%Y-%m-%d" username
Please file a Bugzilla bug report. It appears to be broken in 3.0.29. I can
reproduce the problem. Thanks for making us aware of this.
- John T.
Thanks in advance,
there is no such option like the one you mentinoned. Forcing a user password change is done by setting pwdLastSet to 0. Afaiks pdbedit has no way to do that, you need to use "net sam set pwdmustchangenow ..."