[PATCH] bad password lock
José Luis Tallón
jltallon at adv-solutions.net
Thu Sep 18 16:32:25 GMT 2003
At 16:31 18/09/2003 +0200, Aurélien Degrémont wrote:
>Andrew Bartlett wrote:
>>The main problem with this patch is the change to the DB format string -
>>you break every TDBsam installation out there.
>Thanks to Richard, we have (nearly sure) found out where and how
>informations concerning 'logon count' field,'bad pwd count' field and
>'lockout duration' implementation are.
>But, to implement all of this, we need to store the bad pwd count and a
>lockout time. Bad pwd count is included in the unknown5 field of SAM
>ACOOUNT struct, so that's ok. But, the lockout time is not available in
>it, in any of the unknown fields of this structure.
Hmmmm, IANA Member of Samba Team, but shouldn't "lockout time" be a
Therefore, it must be stored along with the rest of the account policies,
and not with each SAM entry.
>So, how store it if we cannot modify the structure length (I understand
>why we must not)
At another place, obviously.
More information about the samba-technical