[Pkg-samba-maint] DO NOT REPLY [Bug 5825] Account locking out doesnt work with an LDAP backend

samba-bugs at samba.org samba-bugs at samba.org
Wed Feb 11 15:13:41 UTC 2009


https://bugzilla.samba.org/show_bug.cgi?id=5825





------- Comment #19 from admin at dmarkey.com  2009-02-11 09:13 CST -------
I've discovered another problem.

Samba seems to be caching account lockout details locally on the Samba
instance.

For example, if you have a PDC and BDC both backed by LDAP, if a user
authenticating off a BDC locks themselves out then they are only locked out on
the BDC, not the PDC. Also when one tries to unlock the account using
usrmgr.exe it will connect to the PDC but of course the account will appear
fine because it is only locked out on the BDC.


Samba needs to go directly to LDAP each time and not cache any of this
information locally.

I'm having this problem in a production system; any patches welcome. As a
temporary workaround I've disabled account lockout.

