Please read the documentation. Samba3-HOWTO.pdf is a good start. You can
obtain it from: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
The utility you need to master is called 'pdbedit', but before using it please
read up on user rights and privileges and on policies.
- John T.
On Tuesday
Hi Guido,
Know what Im missing:
1) check that the new password is not similar to the old one.
The pam_cracklib man pages show exactly what are you found:
By default, pam_cracklib performs a number of basic checks on the new password:
Simple Checks
Thank you for you answear, but I try what you say and it dosen't work.
I now using obey pam restrictions, I restart samba... and this is my pam
config:
bowman:/var/log# cat /etc/pam.d/samba
account required /lib/security/pam_unix.so
account sufficient /lib/security/pam_ldap.so
auth
welll obey pam restrictions and encrypt passwords = yes dosen't
work at the same time. If you select encrypt passwords = yes obey pam
.. dosen't work anymore. And I cant say no to encrypt passwords...
Any other idea?
Guido Lorenzutti wrote:
Thank you for you answear, but I try what you
Allright! I fix one of the problems. How can you check that the user is
not using an old password?
pdbedit -P list
No account policy by that name
Account policy names are :
min password length
password history
user must logon to change password
maximum password age
minimum password age
lockout
Hi people! I have a few problems with the password strength in Samba.
I have a PDC with LDAP on Debian Stable, with a few packages from backports.
The problem is that I can't find a way to enforce strenght to the
passwords of the users. I can't define a policy to force things like:
number of
I think you'll find at least some of these are Windows Policies and
would not be reflected in the smb.conf file. If you check the Samba
Howto collection and the Samba by example documents at samba.org, you'll
find examples of how to set some of the policies.
To be honest, I've never gone
Maybe I can do this with the check password script. But I only found
the cracklib example. Anyone knows a way of doing this? Becouse the
cracklib example only check agains a dictionary.
Tnxs in advance.
Gary Dale wrote:
I think you'll find at least some of these are Windows Policies and
Hi Guido,
There are a set of ways to accomplish such task.
Some I use is:
1) Set obey pam restrictions = yes in the smb.conf file.
2) Set check password script = /usr/sbin/crackcheck -d /usr/lib/cracklib_dict
This check the user password against a dictionary. Crackcheck can be
downloaded from
Guido Lorenzutti wrote:
Maybe I can do this with the check password script. But I only found
the cracklib example. Anyone knows a way of doing this? Becouse the
cracklib example only check agains a dictionary.
Tnxs in advance.
Just make a simple script that can check the input password must
10 matches
Mail list logo
