Problems with SAMBA 3.0.4 and sambaBadPasswordCount

Hoferer, Patrick K. (Space Systems) Patrick.Hoferer at
Tue Jun 15 23:18:30 GMT 2004


I found your name on the Internet. Since you developed the 3.0.2 patch for "Bad Password Count", I was hoping you could assist me with my sambaBadPasswordCount problems. As per the 3.0.4 documentation I created the attributes for "sambaBadPasswordCount" and "sambaBadPasswordTime" and associated them to the "sambaSamAccount" objectclass in my LDAP Directory Server. 

Although I can see the "Last bad password" and "Bad password count"  equals 0 when I do a `pdbedit -v -L smbtest` for the test user I cannot seem to intentionally lock the account through password failures. Whenever the user types in the wrong password at the prompt the sambaBadPasswordCount does not increment. 

 I have tried to lock the account by changing the atributes sambaBadPasswordCount=5 and sambaBadPasswordTime=2147483647, but when I run the pbedit command the SAMBA administrator account changes the values back to "0" and the user is allowed in. In addition if I set the sambaBadPasswordCount=5 and sambaBadPasswordTime=2147483647 and I login successfully on the windows client; the  "Last bad password" and "Bad password count"  is set back to 0 by the administrator. 

Do you know if the 3.0.4 locking is working with an LDAP backend yet? I already have a 3.0.2 server up and running and I would like to keep it instead of upgrading so when I found your patches on the Internet I thought I could make them work for my domain. How do I compile the code you provided to work in my 3.0.2 environment? 

I would truly appreciate any insight you could provide on my dilemma.

Thank you,
Patrick Hoferer   

More information about the samba-technical mailing list