Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 275
  • Last Modified:

Samba as PDC with domain segurity directives ?

Hello,

i have following question: We are using samba for file/printer sharing for a long time. Now we want to use the PDC facility to centralize passwords and logins. All works fine.

But, it is possible to maintain and use domain segurity directives from samba (linux) ? The most important feature will be the password expiration when users will be forced to change their password.

Thank you for your comments.
0
adminpeter
Asked:
adminpeter
  • 4
  • 2
1 Solution
 
LuxanaCommented:
Hi,

I solved this problem with program changepassword you can download it from http://sourceforge.net/project/showfiles.php?group_id=55009&release_id=169392

All you need to do is install apache for internal network. Compile and install changepassword program to your apache /cgi-bin directory.

Then all users can access this change password program from their local pc's :

http://yourlinuxbox/cgi-bin/changepassword.cgi

Program accept old UNIX password not samba password so you can leave new smbclients passwords blank and clients can change them any time they wont.

I'm using this program for more then 60 win98 clients without problems.

LUXANA

0
 
adminpeterAuthor Commented:
Hi LUXANA,

thank you for your comment. Yes i was thinking about a similiar solution. With changepasswd the user will be able to change their password, but they get not notified about the expiration.

When samba allows to specify a script/program to execute at login, maybe someone knows about a "program" that can do this: check password expiration in /etc/shadow and if expired or soon to expire give a message and a dialog to change then post new password back to server.

Maybe someone knows if the samba-team is working for such a thing for next realeases ?

Peter.
0
 
LuxanaCommented:
peter

 I know exactly what you mean I had same problem :) But I never solved it in that way so I used changepassword program. But maybe my link can help you:-)

http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Setup/Q_20602402.html

Luxana
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
adminpeterAuthor Commented:
Ok that is my solution:

1. Switch to samba-3.

2. Using samba's preexec option in network shares. The script checks if the password is expired (or soon to be expired) by reading and processing /etc/shadow and notify the user with a Windows popup message (smbclient -M).

At the moment this is enough that the user get notified (and not forced) to change their password.
0
 
LuxanaCommented:
I'll try that last time when I was doing that I had much older version of samba

thanks

0
 
LuxanaCommented:
Hello adminpeter

have a look here this will be easy for you,

http://www.experts-exchange.com/Operating_Systems/Linux/Q_21134601.html

Luxana
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now