Hi Joe, > From: joe.morin@dominiondiagnostics.com > To: pam-list@redhat.com > Subject: pam samba password expiration > Date: 27 Feb 2003 18:28:40 -0500 > > I have samba running on a Redhat 7.3 machine acting as a PDC with Win2k > machines logging into the network. > I have samba using pam for authentication (set 'obey pam restrictions = > yes' and 'pam password change = yes' in my smb.conf file), My question > concerns password aging. How do I configure this using pam? Is this > possible? > It looks as if the /etc/pam.d/samba file calls system-auth which looks like > this: > > #%PAM-1.0 > > auth required /lib/security/pam_env.so > auth sufficient /lib/security/pam_unix.so likeauth nullok > auth sufficient /lib/security/pam_smb_auth.so use_first_pass > nolocal > auth required /lib/security/pam_deny.so > > account required /lib/security/pam_unix.so > > password required /lib/security/pam_cracklib.so retry=3 type= > password sufficient /lib/security/pam_unix.so nullok use_authtok md5 > shadow > password required /lib/security/pam_deny.so > > session required /lib/security/pam_limits.so > session required /lib/security/pam_unix.so > > I'm new to pam so this may be a stupid question, but I'm guessing that I > need to change the password entries, but I don't know where to start. > How do I configure pam to enforce password expiration? Is it as simple as > editing the /etc/shadow file? Or do I have to implement the pam password > database? > Any help would be greatly appreciated! If I'm not terribly mistaken, you should just use something like 'chage', which should be PAM-aware and set aging for your users. Hope this helps. Cheers, Allen. _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
