Problems with SAMBA 3.0.4 and sambaBadPasswordCount
Hoferer, Patrick K. (Space Systems)
Patrick.Hoferer at ngc.com
Tue Jun 15 23:18:30 GMT 2004
I found your name on the Internet. Since you developed the 3.0.2 patch for "Bad Password Count", I was hoping you could assist me with my sambaBadPasswordCount problems. As per the 3.0.4 documentation I created the attributes for "sambaBadPasswordCount" and "sambaBadPasswordTime" and associated them to the "sambaSamAccount" objectclass in my LDAP Directory Server.
Although I can see the "Last bad password" and "Bad password count" equals 0 when I do a `pdbedit -v -L smbtest` for the test user I cannot seem to intentionally lock the account through password failures. Whenever the user types in the wrong password at the prompt the sambaBadPasswordCount does not increment.
I have tried to lock the account by changing the atributes sambaBadPasswordCount=5 and sambaBadPasswordTime=2147483647, but when I run the pbedit command the SAMBA administrator account changes the values back to "0" and the user is allowed in. In addition if I set the sambaBadPasswordCount=5 and sambaBadPasswordTime=2147483647 and I login successfully on the windows client; the "Last bad password" and "Bad password count" is set back to 0 by the administrator.
Do you know if the 3.0.4 locking is working with an LDAP backend yet? I already have a 3.0.2 server up and running and I would like to keep it instead of upgrading so when I found your patches on the Internet I thought I could make them work for my domain. How do I compile the code you provided to work in my 3.0.2 environment?
I would truly appreciate any insight you could provide on my dilemma.
More information about the samba-technical