Encrypted Passwords & Restricting Logon Attempts

Richard Sharpe rsharpe at ns.aus.com
Wed Nov 27 18:47:00 GMT 2002

On Wed, 27 Nov 2002, Jim Morris wrote:

> Andrew (or anyone),
> As an alternative to modifying Samba, is there any way that the Samba 
> logon could be aborted as late as the processing of the Windows logon 
> scripts?   If I could somehow force the user to log back out at that 
> point (via the logon script), then that may be a temporary workaround 
> to my problem.

By the time that the logon script is running on the client, authentication 
has completed already.

The best way to do this is, as Jeremy points out, keep a log of all 
sessions, and if the user is already logged on, to fail them with an 
appropriate status. 

In my view, you would authenticate them, and fail with this response only 
after you had determined that authentication was successful.

Similarly, you would keep information about failed logon attempts, and 
deal with that separately.
> Thanks!
>   --
> Jim Morris (Jim at Morris-World.com)

Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com

More information about the samba-technical mailing list