Bad Password Lockout Problems

Guenther Deschner gd at samba.org
Thu Jun 23 08:51:13 GMT 2005


On Thu, Jun 23, 2005 at 09:40:38AM +0200, Simo Sorce wrote:
> On Wed, 2005-06-22 at 21:26 -0600, John H Terpstra wrote:
> > Observations:
> > ----------------
> > 1. We may have a bug (not proven) in the bad password handling code.
> 
> what kind of bug?
> do you mean that the password history was indeed present ?

John, any chance your password history is set to more then 15 passwords ?

> > Please can someone recommend HOW we can maintain consistent domain-wide 
> > security policies where the NT4 Domain User Manager is used?
> 
> The only way is to move policies into ldap (for ldap setups), I think I
> already talk with Jerry about that, but I can't remember the outcome.

Simo, replicated account-policies in LDAP (as part of ldapsam) are part of
samba3-trunk since a long time already. 

(http://websvn.samba.org/cgi-bin/viewcvs.cgi?rev=4925&view=rev)

Well, one of the well-hidden-almost-unknown features of trunk, I guess :) 

It has a couple of issues (on my long list of things to fix) and will see a
redesign to put all account-policies directly below the sambaDomainObject. I
hope to be able to work on that next.

Cheers,
Guenther
-- 
Günther Deschner                    GPG-ID: 8EE11688
Novell / SUSE LINUX                       gd at suse.de
Samba Team                              gd at samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20050623/cc1d845b/attachment.bin


More information about the samba-technical mailing list