Bad Password Lockout Inconsistency
Tony Huang
supertonyhuang at gmail.com
Wed Dec 23 22:44:10 MST 2009
Hi Samba Gurus,
I have one Samba server version 3.0.30 running on Sun Solaris 9. The passdb
is LDAP. Both the Samba and the LDAP have configured to the same account
policies.
I have a Samba global policy of 5 bad password lockouts. While this works
for some users but some other users are experiencing account lockout with
only 1 bad password count.
For users experiencing problems:
pdbedit -Lv user shows 1 bad password count and the account flags are [UL
]; LDAP, however, reflects 0 bad password count and Samba account flag of
[U ].
Accounts with no issues are behaving normally - account lockout after the
5th attempt, and both the Samba and LDAP servers reflect the [UL ] flags.
However, if I globally turn off the bad password count feature (with a value
of 0) then I will have no problems at all.
Why is there an inconsistency in account policy between the users?
HELP!
Thanks!
--Tony
More information about the samba-technical
mailing list