Changing password on unix client joined to AD
in [Samba]
|
From: k.maksimov on 27 Jul 2010 09:50 Lorenzo Milesi wrote: > Hi. > > I've set up a Samba PDC on Debian, working fine with XP Clients. > > I'm now trying to have a linux client join the domain. I managed to do that, but I cannot handle password expiration. When the domain pass is expired, in GDM I see a message "Your password is expired" but the user can log in anyway. > > I used the following guide to configure my Linux client, which is an Ubuntu 10.04: > https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto > > Configured PAM using pam-auth-update. > common-auth is: > auth [success=2 default=ignore] pam_unix.so nullok_secure > auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login use_first_pass > > common-password > password [success=2 default=ignore] pam_unix.so obscure sha512 > password [success=1 default=ignore] pam_winbind.so use_authtok use_first_pass > > nsswitch.conf > passwd: files winbind > group: files winbind > shadow: files winbind > hosts: files dns > > > What should I change? > thanks > GDM not support this feature: https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/114620 if you want, you can hack gdm) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Lorenzo Milesi on 28 Jul 2010 10:10 ----- Messaggio originale ----- > GDM not support this feature: > https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/114620 > > if you want, you can hack gdm) This sounds strange, because Googling around I found some infos about GDM allowing password change... I don't know if this could be a problem of the "new" GDM or what... -- Lorenzo Milesi - lorenzo.milesi(a)yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it -------- D.Lgs. 196/2003 -------- Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: k.maksimov on 29 Jul 2010 02:40 Lorenzo Milesi wrote: > ----- Messaggio originale ----- > >> GDM not support this feature: >> https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/114620 >> >> if you want, you can hack gdm) >> > > This sounds strange, because Googling around I found some infos about GDM allowing password change... > > I don't know if this could be a problem of the "new" GDM or what... > oh sorry, I was inattentive. mb this can fix problem: "echo auth required pam_deny.so>>/etc/pam.d/common-auth && echo password required pam_deny.so>>/etc/pam.d/common-password" ? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: k.maksimov on 29 Jul 2010 02:50 k.maksimov wrote: > Lorenzo Milesi wrote: >> ----- Messaggio originale ----- >> >>> GDM not support this feature: >>> https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/114620 >>> >>> if you want, you can hack gdm) >>> >> >> This sounds strange, because Googling around I found some infos about >> GDM allowing password change... >> >> I don't know if this could be a problem of the "new" GDM or what... >> > oh sorry, I was inattentive. mb this can fix problem: "echo auth > required pam_deny.so>>/etc/pam.d/common-auth && echo password required > pam_deny.so>>/etc/pam.d/common-password" ? > > sorry, s/required/requisite/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Lorenzo Milesi on 30 Jul 2010 06:30 > oh sorry, I was inattentive. mb this can fix problem: "echo auth > required pam_deny.so>>/etc/pam.d/common-auth && echo password required > pam_deny.so>>/etc/pam.d/common-password" ? sadly not. these are my files: common-auth: auth [success=2 default=ignore] pam_unix.so nullok_secure auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login use_first_pass auth requisite pam_deny.so auth required pam_permit.so common-password: password [success=1 default=ignore] pam_winbind.so debug use_first_pass password [success=2 default=ignore] pam_unix.so obscure sha512 password requisite pam_deny.so password required pam_permit.so password optional pam_gnome_keyring.so even commenting the pam_permit lines, nothing changes. thanks -- Lorenzo Milesi - lorenzo.milesi(a)yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it -------- D.Lgs. 196/2003 -------- Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
|
Pages: 1 Prev: [Samba] Changing password on unix client joined to AD Next: [Samba] [samba] DNS update failed! |