Bug 57243 – Samba policy "Maximum password age" gets set to "0" when UMC configuration is set to hours/minutes/seconds

Bug 57243 - Samba policy "Maximum password age" gets set to "0" when UMC configuration is set to hours/minutes/seconds


Summary:	Samba policy "Maximum password age" gets set to "0" when UMC configuration is...

Status:	NEW

Product:	UCS
Classification:	Unclassified
Component:	UMC - Basic settings
Version:	UCS 5.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	UMC maintainers
QA Contact:	UMC maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2024-04-29 17:08 CEST by Finn David
Modified:	2024-04-29 17:55 CEST (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.034
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Finn David

2024-04-29 17:08:37 CEST

UCS: 5.0-7 errata1032
In the UMC we allow the customer to change the samba password policy. We can change the "Maximum password age" and are offered seconds, minutes, hours and days as possible values. If configured to anything else than days though, after saving the policy the value is accepted in UDM but samba-tool shows the "Maximum password age" is set to "0".


Here is the configuration after saving the policy with a value of 12 hours:


root@primary:~# udm settings/sambadomain list 

DN: sambaDomainName=TIERHEIM,cn=samba,dc=tierheim,dc=intranet
  NextGroupRid: 1000
  NextRid: 1000
  NextUserRid: 1000
  SID: S-1-5-21-1680174230-2814138117-3663574771
  badLockoutAttempts: None
  disconnectTime: None
  domainPasswordComplex: 0
  domainPasswordStoreCleartext: 0
  domainPwdProperties: 0
  lockoutDuration: 30 minutes
  logonToChangePW: None
  maxPasswordAge: 12 hours
  minPasswordAge: None
  name: TIERHEIM
  passwordHistory: 3
  passwordLength: 8
  refuseMachinePWChange: None
  resetCountMinutes: None

root@primary:~# samba-tool domain passwordsettings show

Password information for domain 'DC=tierheim,DC=intranet'

Password complexity: off
Store plaintext passwords: off
Password history length: 3
Minimum password length: 8
Minimum password age (days): 0
Maximum password age (days): 0
Account lockout duration (mins): 30
Account lockout threshold (attempts): 5
Reset account lockout after (mins): 5