Hi, This is an enhancement to samba 2.2.8a when used in conjunction with ldap as db backend. Imagine Samba is used as a NT domain controller, ldap is used as database backend, samba is configured with a passwd program so that users can change their password using standard windows routine. At log in time samba 2 reads in all user values from ldap and stores them in memory. When a user changes his password samba writes back the new password to ldap, BUT it does NOT recalculate the pwdMustChange value (stores the number of days until the user has to change his password again) but always writes back the original value it stored in memory at log in time. This is 1.) useless and 2.) you can modify the pwdMustChange value by modifying the passwd program and prevent samba from writing back the original values. This updated ebuild and patch just do that: prevent samba from writing back the pwdMustChange value. This patch does not have ANY impact on samba implementations with or without ldap. It only makes a difference if you want to change pwdMustChange value in ldap from within passwd program. Therefore it is save to use. best regards, Michael
Created attachment 29333 [details] samba-2.2.8a-r1.ebuild
Created attachment 29334 [details] samba-pdb_ldap-pwdMustChange.patch
Comment on attachment 29334 [details] samba-pdb_ldap-pwdMustChange.patch this should go into files directory
is there still interest in the 2.2.x series ? if yes, please reopen the bug, i'm closing it now, as 3.x has been the stable version for quite some time now. (and offers an ldap_compat backend)