password policy on samba 3.0

Aurélien Degrémont adegremont at
Wed Oct 29 13:49:48 GMT 2003

Simo Sorce wrote:

>Well thye password policy and tdbsam format are related but separated
>problems, we just need the mechanisms first and then we can adapt all
>the backends that can esily be modified to support that extension.
>LDAP would be easier for example.
The mecanism are ready. The patch have been posted on September.

>Can you expand on this one? Why do you need it and what operation do
>need it? Atomicity is not easy to achive with current passdb backend API
The bad password count field must be incremented each time a bad 
password is given.
To do it, the patch first read the value, add 1 and store the new value. 
But this is not done "atomically". For security reasons Andrew asked 
that this should be done atomically.


More information about the samba-technical mailing list