[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: shadowMax

To: openldap-technical@openldap.org
Subject: Re: shadowMax
From: Dorit <dorite@technion.ac.il>
Date: Thu, 31 May 2012 12:19:24 +0300
In-reply-to: <4FC72613.1010602@gmail.com>
References: <4FC72613.1010602@gmail.com>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20120428 Thunderbird/12.0.1

shadowMax means how long the password will remain valid. "0" means never. You need to manipulate the attribute shadowLastChange, which says when the password was last changed. Together with the shadowMax attribute, you can determine when the password will expire.
Dorit.

On 5/31/2012 11:04 AM, zingalo wrote:

good morning, I've a question about password managing in ldap with samba. I've seen that samba schema's attributes don't have effect on password managing. Only shadowAccount's attribute do it. So i changed shadowMax to "0" for a user and at the next login it tells me

"You are required to change your password immediately (password aged) LDAP administrator password: "

After entering ldap admin's password it tells me

"Authentication token manipulation error".

Why? the admin'password is correct, am sure

Thanks

Follow-Ups:
- Re: shadowMax
  - From: zingalo <lozingalo@gmail.com>

References:
- shadowMax
  - From: zingalo <lozingalo@gmail.com>

Prev by Date: shadowMax
Next by Date: Re: dsaOperation attributes, relax control and syncrepl
Index(es):
- Chronological
- Thread