A very strange SWAT: unix and samba password
fajarpri at arinet.org
Mon Mar 26 09:51:31 UTC 2012
My setup is:
Ubuntu 10.04.3 LTS
I apply min password age both on Unix and Samba.
I test SWAT and it seems to be working fine, except after few days I
notice that changing password from SWAT doesn't modify the "Last
password change" on unix password.
As the result now the info on my account is:
- Unix last password change: Mar 25, 2012
- Samba last password change: Mar 26, 2012.
I try to change password from SWAT again today (Mar 26), and surely SWAT says:
machine 127.0.0.1 rejected the password change: Error was : Account restriction.
The passwd has NOT been changed.
[2012/03/26 15:33:30, 1] smbd/chgpasswd.c:1124(change_oem_password)
user fajar cannot change password now, must wait until Tue, 27 Mar
2012 15:33:30 SGT
This is the funny thing begins:
- Unix account is changed by SWAT. But the Last password change is still Mar 25.
- Samba account not changed. But after 1 minute (I think), samba
password is changed too. Match the unix password!!!
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
Why so strange?
- Why SWAT manages to change the unix password but not update the Last
password change date?
- Why after 1 minute, the samba password got synched with unix password?
Any more info you need from me, pls me know.
P.S. I have an identical setup on Centos, and it doesn't have this problem.
More information about the ubuntu-users