Re: pam samba password expiration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Joe,

> From: joe.morin@dominiondiagnostics.com
> To: pam-list@redhat.com
> Subject: pam samba password expiration
> Date: 27 Feb 2003 18:28:40 -0500
> 
> I have samba running on a Redhat 7.3 machine acting as a PDC with Win2k
> machines logging into the network.
> I have samba using pam for authentication (set 'obey pam restrictions =
> yes' and 'pam password change = yes' in my smb.conf file), My question
> concerns password aging.  How do I configure this using pam? Is this
> possible?
> It looks as if the /etc/pam.d/samba file calls system-auth which looks like
> this:
> 
> #%PAM-1.0
> 
> auth        required    /lib/security/pam_env.so
> auth        sufficient  /lib/security/pam_unix.so likeauth nullok
> auth        sufficient  /lib/security/pam_smb_auth.so use_first_pass
> nolocal
> auth        required    /lib/security/pam_deny.so
> 
> account           required    /lib/security/pam_unix.so
> 
> password    required    /lib/security/pam_cracklib.so retry=3 type=
> password    sufficient  /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password    required    /lib/security/pam_deny.so
> 
> session           required    /lib/security/pam_limits.so
> session           required    /lib/security/pam_unix.so
> 
> I'm new to pam so this may be a stupid question, but I'm guessing that I
> need to change the password entries, but I don't know where to start.
> How do I configure pam to enforce password expiration? Is it as simple as
> editing the /etc/shadow file? Or do I have to implement the pam password
> database?
> Any help would be greatly appreciated!

If I'm not terribly mistaken, you should just use something
like 'chage', which should be PAM-aware and set aging
for your users.

Hope this helps.

Cheers,
Allen.



_______________________________________________

Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux