Differences

This shows you the differences between two versions of the page.

--- docpublic:systemes:samba4dc [2015/05/23 22:20]
procacci@tem-tsp.eu [samba 4 DC]
+++ docpublic:systemes:samba4dc [2015/06/06 14:46] (current)
procacci@tem-tsp.eu [Samba 4 DC]
@@ Line 4: / Line 4: @@
   * https://wiki.samba.org/index.php/Samba_4.x_Readme_First
+pourquoi debian vs centos MIT/heimdal
+  * https://blog.cryptomilk.org/2014/07/09/samba-ad-dc-in-fedora-and-rhel/
+  * http://opentodo.net/2013/01/samba4-as-ad-domain-controller-on-centos-6/
+  * http://community.spiceworks.com/topic/535153-centos-7-samba-domain-controller
+  * https://portal.enterprisesamba.com/
 ==== samba 4 ldap ====
@@ Line 16: / Line 22: @@
   * https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
+  * http://www.linux-magazine.com/Online/Features/What-s-New-in-Samba-4
   * https://www-fourier.ujf-grenoble.fr/informatique/doku.php?id=samba4#kerberos_5
   * http://doc.ubuntu-fr.org/utilisateurs/qedinux/samba_ad_dc_members
@@ Line 418: / Line 425: @@
 Changed password OK
 </code>
+retirer l'expiration pour l'administrateur
+http://ubuntuforums.org/showthread.php?t=2146198
+<code>
+root@debie:~# /usr/bin/samba-tool user setexpiry Administrator --noexpiry
+Processing section "[netlogon]"
+Processing section "[sysvol]"
+pm_process() returned Yes
+Expiry for user 'Administrator' disabled.
+</code>
 ==== ntpd ====
@@ Line 453: / Line 473: @@
 </code>
+===== windows client Password change =====
+juste apres integrer un poste client W7 dans le domaine, le changement de password user de domain via CTRL+ALT+SUPP echoue
+cf log serveur
+<code>
+[2015/05/25 12:36:56.110925,  3, pid=9389, effective(0, 0), real(0, 0)] ../source4/kdc/kpasswdd.c:45(kpasswdd_make_error_reply)
+  kpasswdd: Password change rejected, password changes may not be permitted on this account, or the minimum password age may not have elapsed.
+</code>
+apparement il faut attendre 24H minimum avant de pouvoir le changer d'apres la politique par defaut
+<code>
+root@debie:~# samba-tool domain passwordsettings show
+Processing section "[netlogon]"
+Processing section "[sysvol]"
+pm_process() returned Yes
+Password informations for domain 'DC=dom,DC=4bo,DC=fr'
+Password complexity: on
+Store plaintext passwords: off
+Password history length: 24
+Minimum password length: 7
+Minimum password age (days): 1
+Maximum password age (days): 42
+</code>
+cf http://www.eenyhelp.com/answer/samba-samba4-users-can-not-change-their-password-using-ctrl-plus-alt-plus-del-help-214381202.html
+History lengh 24 -> 2
+<code>
+root@debie:/var/log/samba# samba-tool domain passwordsettings show | grep history
+Password history length: 24
+root@debie:/var/log/samba# samba-tool domain passwordsettings set --history-length=2
+Processing section "[netlogon]"
+Processing section "[sysvol]"
+pm_process() returned Yes
+Password history length changed!
+All changes applied successfully!
+root@debie:/var/log/samba# samba-tool domain passwordsettings show
+Processing section "[netlogon]"
+Processing section "[sysvol]"
+pm_process() returned Yes
+Password informations for domain 'DC=dom,DC=4bo,DC=fr'
+Password complexity: on
+Store plaintext passwords: off
+Password history length: 2
+Minimum password length: 7
+Minimum password age (days): 1
+Maximum password age (days): 42
+</code>
 ==== domain user ====

docpublic/systemes/samba4dc.1432419605.txt.gz · Last modified: 2015/05/23 22:20 by procacci@tem-tsp.eu

Show page Old revisions

[unknown link type]Back to top