Since a few months ago Samba ask each of our users to change password at log on every 45 days (the default) and I have not been able to disable it. This setup had been running for 2 years before then without password expiration (as intended). I'm using Samba 3.4.7 + OpenLDAP 2.4.21 on Ubuntu 10.04-2 LTS
I found this page and follow the instructions:
http://playingwithsid.blogspot.com/2010/12/change-samba-password-expiry-setting.html
The default ‘Password Must Change’ policy was set to never and pdbedit/net sam shows ‘Password Must Change: never’ for each user, yet the passwords still get expire every 45 days.
I also checked LDAP too already. For the domain record, "sambaMaxPwdAge" is shown to be -1 as it should. For each user, "sambaPasswordCanChange" is 0, "sambaPasswordLastSet" is the correct password last changed time in epoch. There's no "sambaPasswordMustChange" for user records.
for /etc/smbldap-tools/smbldap.conf, the following line is commented out
@defaultMaxPasswordAge="45"
Can anyone help?
Best Answer
In my opinion it has to do with a default setup of samba. Even if you overrode on the single users'record, still a general default is enforcing the max age.
Would you please explore the
commands?