R: R: password policy on samba 3.0

Andrew Bartlett abartlet at samba.org
Wed Oct 29 11:07:02 GMT 2003

On Wed, 2003-10-29 at 21:35, lu wrote:
> Check the "Implementation of Password Policy on Samba3.0 a22.." of 06 May
> 2003.
> I think that Jeremy is working on it and the patch may be included on 3.0.1.

Make no assumptions (even the most interesting and important patches get
lost, it works best if you keep up current, improved versions).   Can
you post an up-to-date patch, given the parts that have already been

I'm not convinced how much Samba should be involved in the 'password
quality' issue - given how it varies between sites.  There was a patch
much earlier that put this out to an external script.  (Allowing
cracklib and the like)

However, if we do make Samba handle this I would like to see the 'old
passwords' optionally stored in some salted, not MD4() hashed form, or
in the original cleartext for soundex comparison.  

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20031029/0c32cc44/attachment.bin

More information about the samba-technical mailing list