Samba password never expires


#1

I use nethsever 6.5 which use samba3 (?) for shared folder service.
By default the nethserver installation configure any time for password expiry (Es. 1 year… 6 month…) or by default the password of shared folder never expire ?


(Alessio Fattorini) #2

I’d like to make it clear, from the manual

A shared folder is always owned by a group of users (Owning group). Each member of the group is allowed to read the folder contents

Access is regulated by user login so you have to deal with user passwords expiration, using the proper panel.
Shared folder password never expires but it regards only to the web access.
Have I answered to your doubts?


(Davide Principi) #3

It seems it never expires :cold_sweat:

    # net sam policy show 'maximum password age'
Account policy "maximum password age" description: Maximum password age, in seconds (default: -1 => never expire passwords)
Account policy "maximum password age" value is: -1

It’s a bug (or a missing feature :grin:)

I think the password aging policy must be the same for both Samba and Unix passwords!


#4

No… but thanks to your post and thanks to the davidep post now i understand why from 2 year ago every six month users of my server are blocked (they use the shared folder service, samba) until the admin insert again the password using the password change.
I thought it was an ldap db corruption !

From nethserver documentation:
"The system will send an e-mail to inform the users when their password is about to expire."
If a user don’t have an email ? If you are not using the mail server on nethserver ?
Who receive the mail ?


(Davide Principi) #5

Good point, I think if the mail server is installed or not the password expire mail notification should always go to the mail address set in “External mail address”, under the user’s Profile. That field should be displayed on the Users & Groups form, too.


(Rob Bosch) #6

IMO one reason more to always use company/organisation email addresses and never private email addresses. This is not only for this reason. It is also more professional and more clear in communication, both internally and externally.