[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: shadowMax

and is it possible to change an attribute (in my case shadowMax) to many entries belonging to the same group in one time?

On 05/31/2012 11:44 AM, zingalo wrote:

On 05/31/2012 11:19 AM, Dorit wrote:
shadowMax means how long the password will remain valid. "0" means
never. You need to manipulate the attribute shadowLastChange, which says
when the password was last changed. Together with the shadowMax
attribute, you can determine when the password will expire.

On 5/31/2012 11:04 AM, zingalo wrote:
good morning, I've a question about password managing in ldap with
samba. I've seen that samba schema's attributes don't have effect on
password managing. Only shadowAccount's attribute do it. So i changed
shadowMax to "0" for a user and at the next login it tells me

"You are required to change your password immediately (password aged)
LDAP administrator password: "

After entering ldap admin's password it tells me

"Authentication token manipulation error".

Why? the admin'password is correct, am sure