Is there a way to make a samba client participating in an Active Directory environment change its computer account password in the domain on a regular basis? (More information about computer account passwords in this Microsoft blog.)
We clean up "stale" computer accounts occasionally, and we identify candidates for cleanup by the age of the computer account password. This works great for Windows, but we find our non-Windows systems don't manage that value like Windows does. I know the setting to make a NetApp Filer maintain its password (options cifs.weekly_W2K_password_change on), just looking for the same type of setting on samba or other *nix systems that can participate in Active Directory.
Thanks for any help you can provide!
Best Answer
A cron-job with
net ads changetrustpwrun as root in it should accomplish what you're looking for.