Buchan Milne wrote:
Samba provide password warnings to the end user?
Samba has it's own password expiry attributes, and assuming your users log into the samba domain, they should be prompted to change their passwords.
However, currently there is no easy way to keep the password expiry attributes in sync if passwords are not changed exclusively with samba. Unfortunately ppolicy + smbk5pwd don't update all samba password expiry attributes (I should file an ITS ...).
Perhaps you should file an enhancement request with the Samba folks instead. The LDAP password policy is intended to be usable by other applications. I seem to recall Andrew Bartlet mentioning that he already added code to work with it, but perhaps that's only in Samba4 and not Samba3...