With Samba4 becoming more relevant everyday as a drop in replacement for AD, below are the basics of password management in Samba4 using the samba-tool. The following code shows the commands dealing with passwords and account expiration.

 

#Disable password expiration for the Administrator account.
samba-tool user setexpiry Administrator --noexpiry
 
#Show domain level password options.
samba-tool domain passwordsettings show
 
#Disable password complexity at the domain level.
samba-tool domain passwordsettings set --complexity=off
 
#Disable password history at the domain level.
samba-tool domain passwordsettings set --history-length=0
 
#Disable password min-age at the domain level.
samba-tool domain passwordsettings set --min-pwd-age=0
 
#Disable password max-age at the domain level.
samba-tool domain passwordsettings set --max-pwd-age=0
 
#Disable minimum password length at the domain level.
samba-tool domain passwordsettings set --min-pwd-length=0

 

QNAP NAS: This is also applicable to a QNAP NAS on version >= 4.3.x software, running in Domain Controller mode, with Domain Controller Users. For QNAP, the samba-tool is located in /usr/local/samba/bin.