How to keep track of password ages using samba?

asked 2016-09-16 04:45:22 -0500

snoop gravatar image

I am using Fedora 24 and Samba version is 4.4.5. I have configured samba using authentication mode as User. Also, recently I changed samba password using smbpasswd -r domainname -U username this changes the password for windows domain account.

Note that I have different user on Linux and Windows domain account and I already tried pdbedit command with no luck.

sudo pdbedit -L -v command gives no oputput.

Is there any command by which we can get information about password age?

edit retag flag offensive close merge delete

Comments

I am not sure about Samba in this context, but if you were to use SSSD with AD backend, you would get warnings about the password expiring.

"Is there any command by which we can get information about password age?"

You can see when the password was last changed within an LDAPSEARCH:

$ ldapsearch -h 192.168.100.200 -D Administrator@AD.SOMEWHERE.COM -W -b dc=ad,dc=somewhere,dc=com samaccountname=tom pwdLastSet

The above example will show the last time Tom's password was changed in EPOCH. You should be able to compare this value to the AD policy for password aging.

Striker gravatar imageStriker ( 2016-09-16 08:01:56 -0500 )edit