9675 – pdbedit shows wrong 'must change' entry

Bug 9675 - pdbedit shows wrong 'must change' entry

Summary: pdbedit shows wrong 'must change' entry

Status:	NEW

Alias:	None

Product:	Samba 4.0
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	4.0.2
Hardware:	Other Linux

Importance:	P5 minor (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-02-25 13:02 UTC by Marc Muehlfeld
Modified:	2013-02-25 13:02 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marc Muehlfeld 2013-02-25 13:02:14 UTC

I configured password expiry to 60 days via samba-tool:

# samba-tool domain passwordsettings show
...
Maximum password age (days): 60




In ADUC the "password never expires" entry is *not* checked for my account. So it would expire, but pdbedit shows "never":

# pdbedit -L -v muehlfeld
...
Password must change: never





If I check "password never expires" in ADUC, it shows:

# pdbedit -L -v muehlfeld
...
Password must change: Di, 19 Jan 2038 04:14:07 CET




The userAccountControl LDAP entry entains 512 when the option is not checked, and 66048 when checked.