Hi All - Quick question. Is there anyway that when a user first invokes Samba to map to a network share that they are asked to change their (samba) password.
I've got a whole bunch of (samba) users who all have been given the same password and I want them to have to change it to one of their own choosing upon first login.
I asked my user to login into the box with there unix passwd and give smbpasswd and change there samba passwd.
[surajks@rspc521 surajks]$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: Password changed for user surajks [surajks@rspc521 surajks]$
Hi all again, It is just a simple Samba installation on an HPUX 11.11 box. We map a Unix folder as a shared drive onto the users laptop. The user has a Unix password and a Samba password. Is there anything that we can implement to make the user change the password the first time they map the share.
I assume that you have a Samba PDC (security = user) with a passdb backend of tdbsam or ldapsam. If so, then you set domain policies with pdbedit. I believe that you have to set the "user must change password" attribute *and* the "password age" attribute to 0 (for each user) to make it happen at the next logon.
Yes I have tried that - this is a one off password change for the users. They all have the same password at the beginning (there are about 100 users) and I want them to change the password upon their first login to the relevant share. That is the only time they should change their password. They are not logging into the HP box but from their laptop when mapping the share. Can this be done when they are asked for their user id / password when mapping the network drive to the unix folder via the users laptop.
In any case, a client can change their domain password when logging into the domain (a Windows domain or a Samba domain). Assuming (now) that you are using "server" and your Samba server is not joined to the domain (of the client), then I don't know how a client would change a password (smbpasswd) when mounting a share.
Hi Mark, If "security = user", then your Samba server is a PDC/BDC in a Samba domain, and the client should have to logon to the domain for authentication. At domain logon time is when the password change is prompted for, not at the share mount. If you have changed the policies with pdbedit, then the client needs to logoff the domain and log back on to make the change. I do not know of a way to prompt for a new password in a domain when the client is already logged on.
