That was the problem, and the solution.
Until recently, pam_smbpass would look at the 'expired' flag being passed by PAM and, if the Samba password was not expired, it would not effect a password change. However, since most people have password synchronization specifically in mind when stacking password modules, I've decided to ignore this flag -- upgrading pam_smbpass to a more recent version (e.g., 2.2.8a) should fix this problem for you. You should be able to upgrade pam_smbpass without affecting the rest of the Samba installation.
I have also updated my patch for migrate on password change to samba 2.2.8a which you might be interested in. With this patch, you can set the password for new accounts using pam (passwd) and it will store the unix & samba password.
The patch is here: http://uranus.it.swin.edu.au/~jn/linux/smbfs/pam_smb_passwd.patch3
And a page explaining it here: http://uranus.it.swin.edu.au/~jn/linux/smbfs/pam_smbpass.html
John.
-- Information Technology Innovation Group School of Information Technology Swinburne University of Technology Melbourne, Australia http://www.it.swin.edu.au/staff/jnewbigin
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
