Hi list, samba version: 3.0.23d-4 on debian etch.
To enforce complex passwords I've added the line: check password script = /usr/local/scripts/checkpw Where checkpw is a script returning 0 if ok, and returning an error if not ok. The restrictions the script checks are: at least one uppercase, at least one lowercase, at least one number, at least one non-alphanum character and at least 8 characters long. The script is tested on the commandline and works fine. Now, when a user tries to change the password, types a password which is not ok, windows xp says that "3 out four of the following... upper, lower, number, non-alpha", this is a standard windows message, so it seems ok. But now for the strange thing, the password requirements turn out to be "3 out of 4" in stead of "4 out of 4", so windows xp seems to apply it's own password restrictions in stead of the restrictions of the script. And that works, so a user can choose a password eg "1234azAZ" without any %^* or so, while the checkpw script doesn't allow that. And, even stranger, when I use the "smbpasswd -r our_samba_server -U myusername" to change my password (from the commandprompt of my linux pc) I can use any password I want. These are relevant smb.conf parameters: passdb backend = ldapsam:"ldap://our_ldap_server:389"; enable privileges = Yes check password script = /usr/local/scripts/checkpw unix password sync = Yes passwd program = /usr/sbin/smbldap-passwd -u %u passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" Any ideas? regards, Jeroen. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
