Encrypted Passwords & Restricting Logon Attempts

Andrew Bartlett abartlet at samba.org
Sun Dec 1 02:16:00 GMT 2002

On Thu, 2002-11-28 at 01:58, Jim Morris wrote: 
> Andrew (or anyone),
> As an alternative to modifying Samba, is there any way that the Samba 
> logon could be aborted as late as the processing of the Windows logon 
> scripts?   If I could somehow force the user to log back out at that 
> point (via the logon script), then that may be a temporary workaround 
> to my problem.
Really quick, and really ugly hack is to make Samba call the pam
function with some invalid password after failing the encrypted password
check...  Just watch that some parts of Samba may cause the password
check to fail, even when the right password is entered (it will try
again with the other password (NT or LM) in this case).  

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20021201/e0989b48/attachment.bin

More information about the samba-technical mailing list