[PATCH] bad password lock

José Luis Tallón jltallon at adv-solutions.net
Thu Sep 18 16:32:25 GMT 2003

At 16:31 18/09/2003 +0200, Aurélien Degrémont wrote:
>Andrew Bartlett wrote:
>>The main problem with this patch is the change to the DB format string -
>>you break every TDBsam installation out there.
>Thanks to Richard, we have (nearly sure) found out where and how 
>informations concerning 'logon count' field,'bad pwd count' field and 
>'lockout duration' implementation are.
>But, to implement all of this, we need to store the bad pwd count and a 
>lockout time. Bad pwd count is included in the unknown5 field of SAM 
>ACOOUNT struct, so that's ok. But, the lockout time is not available in 
>it, in any of the unknown fields of this structure.

Hmmmm, IANA Member of Samba Team, but shouldn't "lockout time" be a 
*global* setting?
Therefore, it must be stored along with the rest of the account policies, 
and not with each SAM entry.

>So, how store it if we cannot modify the structure length (I understand 
>why we must not)

At another place, obviously.

>Aurélien Degrémont


More information about the samba-technical mailing list