Password history checks

Andrew Bartlett abartlet at
Fri Dec 4 03:21:14 UTC 2015

On Wed, 2015-12-02 at 15:50 +0100, Jérémie Courrèges-Anglas wrote:
> Hi,
> a client recently asked us about the password policy settings they
> could
> enforce in their Samba 4 AD domain.
> It *seems* that one of their wishes can't be fulfilled right now: the
> password history check[1].  This is supposed to prevent users from
> reusing the same passwords. Samba 4 is able to store up to 24
> previous
> passwords, but it doesn't seem to check for password reuse when a
> user
> changes his credentials.
> If this feature is indeed not implemented, maybe it is on someone's
> roadmap?

See samba-tool domain passwordsettings

What we don't support is reading it from a GPO (that is much harder).


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team
Samba Development and Support, Catalyst IT

More information about the samba-technical mailing list