Home / server / Questions / 551742
Accepted
Canadian Luke
Asked: 2013-11-09 13:21:43 +0800 CST

Restrict SMB user from changing password

  • 772

On a server running Debian Wheezy and Samba ver 3 with a tdb backend, how do I restrict a single user from changing the password? This account is one of 2 generic accounts, one for students and one for Teachers on Call (TOC). The users are created, but I'm not deploying the server yet. When looking through Google, I came across setting the maximum password age, but not setting the minumum password age (I'd be happy with a 5 year password...)

samba

1 Answers

  1. Best Answer

    Found the answer, talking with another IT fellow.

    When adding (or updating) the user, change the system time and date to something far, far away, such as the year 2020. Then add the user / change the password, then change the date back

    # date 121212122020.00
# pdbedit -a username
# smbpasswd username
# rdate -n -s time.server.url

    enter image description here

    The Password can change date is so far ahead that Windows isn't allowed to change it. This solves the problem!

    One thing I did learn though about this is to do it after hours, as it seems to affect users' abilities to log in to the file server... I caught that before I did it though.

    • 1