[prev in list] [next in list] [prev in thread] [next in thread]
List: pam-list
Subject: Re: pam samba password expiration
From: Allen Van Der Ross <allen () ct ! spi ! co ! za>
Date: 2003-03-01 5:50:56
[Download RAW message or body]
Hi Joe,
> From: joe.morin@dominiondiagnostics.com
> To: pam-list@redhat.com
> Subject: pam samba password expiration
> Date: 27 Feb 2003 18:28:40 -0500
>
> I have samba running on a Redhat 7.3 machine acting as a PDC with Win2k
> machines logging into the network.
> I have samba using pam for authentication (set 'obey pam restrictions =
> yes' and 'pam password change = yes' in my smb.conf file), My question
> concerns password aging. How do I configure this using pam? Is this
> possible?
> It looks as if the /etc/pam.d/samba file calls system-auth which looks like
> this:
>
> #%PAM-1.0
>
> auth required /lib/security/pam_env.so
> auth sufficient /lib/security/pam_unix.so likeauth nullok
> auth sufficient /lib/security/pam_smb_auth.so use_first_pass
> nolocal
> auth required /lib/security/pam_deny.so
>
> account required /lib/security/pam_unix.so
>
> password required /lib/security/pam_cracklib.so retry=3 type=
> password sufficient /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password required /lib/security/pam_deny.so
>
> session required /lib/security/pam_limits.so
> session required /lib/security/pam_unix.so
>
> I'm new to pam so this may be a stupid question, but I'm guessing that I
> need to change the password entries, but I don't know where to start.
> How do I configure pam to enforce password expiration? Is it as simple as
> editing the /etc/shadow file? Or do I have to implement the pam password
> database?
> Any help would be greatly appreciated!
If I'm not terribly mistaken, you should just use something
like 'chage', which should be PAM-aware and set aging
for your users.
Hope this helps.
Cheers,
Allen.
_______________________________________________
Pam-list mailing list
Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic