[Samba-it] Criteri password samba pdc

Alessio Bottazzi alessio.bottazzi at bclsnc.191.it
Mon Aug 30 16:56:01 MDT 2004


Ho finito di configurare samba come pdc (uso la ver. 3.0.6), ma facendo
alcune prove sulle password di accesso ho notato che non vengono considerati
i criteri impostati con pam riguardo la complessità delle password. 

Inoltre consente di reinserire le password precedentemente utilizzata, cosa
che vorrei impedire per adeguarmi alla legge sulla privacy. Sapete darmi
qualche indicazione su cosa devo modificare per usare le restrizioni
dell'accoppiata passwd + pam?

 

Questo è il smb.conf che utilizzo:

 

# Samba config file created using SWAT

# from 127.0.0.1 (127.0.0.1)

# Date: 2004/08/28 10:36:34

 

# Global parameters

[global]

      workgroup = BCL

      server string = Dominio BCL - Samba %v

      update encrypted = Yes

      client schannel = No

      server schannel = No

      min passwd length = 8

      obey pam restrictions = Yes

      pam password change = Yes

      passwd program = /usr/bin/passwd %u

      passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*

      unix password sync = Yes

      log level = 2

      log file = /var/log/samba/%m.log

      max log size = 100

      name resolve order = lmhosts host wins bcast

      time server = Yes

      unix extensions = No

      server signing = auto

      socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

      disable spoolss = Yes

      mangling method = hash

      add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false
-M %u

      add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false -M %u

      logon script = netlogon.bat

      logon path = 

      logon home =  <file:///\\%25L\%25U\.profile> \\%L\%U\.profile

      domain logons = Yes

      os level = 128

      preferred master = Yes

      domain master = Yes

      dns proxy = No

      ldap ssl = no

      pid directory = /var/run/samba

      winbind cache time = 15

      cups options = raw

      print command = lpr -r -P%p %s

      lpq command = lpq -P%p

      lprm command = lprm -P%p %j

      strict locking = No

 

[netlogon]

      comment = Servizi Accesso Rete

      path = /home/netlogon

      write list = @admin

      browseable = No

 

[profiles]

      comment = Profili Accesso Rete

      path = /home/profiles

      read only = No

      create mask = 0600

      directory mask = 0700

      browseable = No

 

[homes]

      comment = Home Directories

      read only = No

      only user = Yes

      browseable = No

 

[public]

      comment = Public

      path = /home/samba

      read only = No

      create mask = 0777

      directory mask = 0777

      guest ok = Yes

 

[software]

      comment = Software

      path = /home/software

      read only = No

      create mask = 0777

      directory mask = 0777

      guest ok = Yes

 

[effetti]

      comment = Effetti Gx

      path = /usr/gx23/effetti

      read only = No

      guest ok = Yes

 

[client]

      comment = Client Gx

      path = /home/client

      read only = No

      guest ok = Yes

 

[client23]

      comment = Client Gx 2.3

      path = /home/client23

      read only = No

      guest ok = Yes

 

[d-Copia 20]

      comment = Olivetti d-Copia 20

      path = /tmp

      guest ok = Yes

      hosts allow = 192.168.139.0/255.255.255.0

      printable = Yes

 

[Bcl]

      comment = Documenti Bcl

      path = /home/Bcl

      read only = No

      create mask = 0777

      directory mask = 0777

      guest ok = Yes

 

Grazie Alessio

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/samba-it/attachments/20040830/0ed335b7/attachment.html>


More information about the samba-it mailing list