Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Samba as PDC with domain segurity directives ?

Posted on 2004-09-14
6
Medium Priority
?
273 Views
Last Modified: 2013-12-15
Hello,

i have following question: We are using samba for file/printer sharing for a long time. Now we want to use the PDC facility to centralize passwords and logins. All works fine.

But, it is possible to maintain and use domain segurity directives from samba (linux) ? The most important feature will be the password expiration when users will be forced to change their password.

Thank you for your comments.
0
Comment
Question by:adminpeter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 10

Accepted Solution

by:
Luxana earned 375 total points
ID: 12052014
Hi,

I solved this problem with program changepassword you can download it from http://sourceforge.net/project/showfiles.php?group_id=55009&release_id=169392

All you need to do is install apache for internal network. Compile and install changepassword program to your apache /cgi-bin directory.

Then all users can access this change password program from their local pc's :

http://yourlinuxbox/cgi-bin/changepassword.cgi

Program accept old UNIX password not samba password so you can leave new smbclients passwords blank and clients can change them any time they wont.

I'm using this program for more then 60 win98 clients without problems.

LUXANA

0
 

Author Comment

by:adminpeter
ID: 12052091
Hi LUXANA,

thank you for your comment. Yes i was thinking about a similiar solution. With changepasswd the user will be able to change their password, but they get not notified about the expiration.

When samba allows to specify a script/program to execute at login, maybe someone knows about a "program" that can do this: check password expiration in /etc/shadow and if expired or soon to expire give a message and a dialog to change then post new password back to server.

Maybe someone knows if the samba-team is working for such a thing for next realeases ?

Peter.
0
 
LVL 10

Expert Comment

by:Luxana
ID: 12052276
peter

 I know exactly what you mean I had same problem :) But I never solved it in that way so I used changepassword program. But maybe my link can help you:-)

http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Setup/Q_20602402.html

Luxana
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 

Author Comment

by:adminpeter
ID: 12073104
Ok that is my solution:

1. Switch to samba-3.

2. Using samba's preexec option in network shares. The script checks if the password is expired (or soon to be expired) by reading and processing /etc/shadow and notify the user with a Windows popup message (smbclient -M).

At the moment this is enough that the user get notified (and not forced) to change their password.
0
 
LVL 10

Expert Comment

by:Luxana
ID: 12073168
I'll try that last time when I was doing that I had much older version of samba

thanks

0
 
LVL 10

Expert Comment

by:Luxana
ID: 12083259
Hello adminpeter

have a look here this will be easy for you,

http://www.experts-exchange.com/Operating_Systems/Linux/Q_21134601.html

Luxana
0

Featured Post

URL rewriting in AWS CloudFront

A quick how-to guide to implement with a Lambda function!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question