discussion on implementation of "bad attempt locakout" policy
Jianliang Lu
j.lu at tiesse.com
Mon Mar 24 15:39:20 GMT 2003
Hi,
I'm looking at "bad attempt locakout" on samba3.0 a22. My opinion is to
introduce a new variable "uint32 bad_pw_counts" in the struct user_data of
SAM_ACCOUNT. so in the auth.c, routine check_ntlm_password(), I can check the
bad password attemped against the AP_BAD_ATTEMPT_LOCKOUT, if it were more
than that, I will lock the user.
I'd like to have your sugestions on this issue, specially to know where I can
put the count of the bad_pw_counts.
Jianliang Lu
TieSse s.p.a.
Via Jervis, 60 10015 Ivrea (To) ITALY
j.lu at tiesse.com
luj at libero.it
More information about the samba-technical
mailing list