First off - Thanks in advance for any positive help anyone can provide on this. Your time is very much appreciated.
My setup is as follows:
(Hardware) HP ProLiant DL380 G5
(Software) ESXi 5.0 running a virtual machine of FreeNAS 8.2.0-BETA4 (because a native install kernel panics)
(Services) I *only* have CIFS running on this server, nothing else is needed. It's purpose is simply to be a repository server for around 20 users.
Since I don't need a scalable solution, I decided to steer away from ldapsam, and use "passdb backend = tdbsam".
The Caveats:
The user accounts on the server cannot have shell access, and there must be a 90 day password expiry policy on each of them.
I am able to set the password expiry policy successfully to 90 days using the following command:
"pdbedit -v -P 'maximum password age' -C 7776000"
My problem / issue:
After testing to see if the password expiration is actually working (by setting a lower expiration time), from within windows I am not presented with a "enter new password" window. The password is just not accepted and the user is unable to change their password and locks them out of their account.
Is there something that I'm missing? Is this something that ldapsam is needed for and tdbsam just doesn't do?
My setup is as follows:
(Hardware) HP ProLiant DL380 G5
(Software) ESXi 5.0 running a virtual machine of FreeNAS 8.2.0-BETA4 (because a native install kernel panics)
(Services) I *only* have CIFS running on this server, nothing else is needed. It's purpose is simply to be a repository server for around 20 users.
Since I don't need a scalable solution, I decided to steer away from ldapsam, and use "passdb backend = tdbsam".
The Caveats:
The user accounts on the server cannot have shell access, and there must be a 90 day password expiry policy on each of them.
I am able to set the password expiry policy successfully to 90 days using the following command:
"pdbedit -v -P 'maximum password age' -C 7776000"
My problem / issue:
After testing to see if the password expiration is actually working (by setting a lower expiration time), from within windows I am not presented with a "enter new password" window. The password is just not accepted and the user is unable to change their password and locks them out of their account.
Is there something that I'm missing? Is this something that ldapsam is needed for and tdbsam just doesn't do?
