t want to always fail the account, only when it's locked.
Is there something in ldap.conf that can be remapped to read this correctly?
> Date: Fri, 14 Jan 2011 03:56:29 +0900
> Subject: Re: [Samba] another question about account locking
> From: mo...@monyo.com
> To: groucho.64.
+0900
> Subject: Re: [Samba] another question about account locking
> From: mo...@monyo.com
> To: groucho.64...@hotmail.com
> CC: samba@lists.samba.org
>
> 2011/1/14 Kevin Taylor :
>
> > I did give it a try with no luck. However, I'm not sure that the way the
2011/1/14 Kevin Taylor :
> I did give it a try with no luck. However, I'm not sure that the way the pam
> rules I have set out would cause that to trip anyway.
>
> On most of our linux machines, we'd have the system-auth looking like this
> (what is the default generated by system-config-authent
on share accesses,
but it's really the interactive logins I need to lock.
Sorry if I'm being difficult about it. :)
> Date: Fri, 14 Jan 2011 03:38:05 +0900
> Subject: Re: [Samba] another question about account locking
> From: mo...@monyo.com
> To: groucho.64...@hotmail.c
2011/1/14 Kevin Taylor :
> Unfortunately, that doesn't work. Since we're using an LDAP backend, we had
> to turn on 'encrypt
> passwords=yes' which bypasses the pam checking.
Have you actually tried it?
To set "obey pam restrictions = yes", Samba obeys PAM's restriction.
For example, try:
---
Unfortunately, that doesn't work. Since we're using an LDAP backend, we had to
turn on 'encrypt passwords=yes' which bypasses the pam checking.
> Date: Fri, 14 Jan 2011 02:51:58 +0900
> Subject: Re: [Samba] another question about account locking
> From: mo.
On Fri, Jan 14, 2011 at 02:51:58AM +0900, TAKAHASHI Motonobu wrote:
> 2011/1/13 Kevin Taylor :
> >
> > Is there a way that we can increment the samba bad password count, when a
> > user fails a password on a linux system? I'm looking for ways to get both
> > Windows and Linux to simultaneously lo
2011/1/13 Kevin Taylor :
>
> Is there a way that we can increment the samba bad password count, when a
> user fails a password on a linux system? I'm looking for ways to get both
> Windows and Linux to simultaneously lock out accounts if they fail so many
> times. We're using an LDAP backend.
H
Is there a way that we can increment the samba bad password count, when a user
fails a password on a linux system? I'm looking for ways to get both Windows
and Linux to simultaneously lock out accounts if they fail so many times. We're
using an LDAP backend.