Bug 9675 - pdbedit shows wrong 'must change' entry
Summary: pdbedit shows wrong 'must change' entry
Status: NEW
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.0.2
Hardware: Other Linux
: P5 minor (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-02-25 13:02 UTC by Marc Muehlfeld
Modified: 2013-02-25 13:02 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marc Muehlfeld 2013-02-25 13:02:14 UTC
I configured password expiry to 60 days via samba-tool:

# samba-tool domain passwordsettings show
...
Maximum password age (days): 60




In ADUC the "password never expires" entry is *not* checked for my account. So it would expire, but pdbedit shows "never":

# pdbedit -L -v muehlfeld
...
Password must change: never





If I check "password never expires" in ADUC, it shows:

# pdbedit -L -v muehlfeld
...
Password must change: Di, 19 Jan 2038 04:14:07 CET




The userAccountControl LDAP entry entains 512 when the option is not checked, and 66048 when checked.