disable "fake" samba authentication error messages
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Thu Jul 2 17:41:34 GMT 1998
On Thu, 2 Jul 1998, Charlie Brady wrote:
>
> On Thu, 2 Jul 1998, Urs Rau wrote:
>
> > What bothers me is that samba is filling up my log files with a lot of
> > extraneous/fake entries about authentication failures. "Extraneous/fake" -
> > because all it is is a reflection of the way the protocol actually tries to login -
> > going through the upper/lower case mutations as configured.
This is due to the Windows machines forcing the password to be uppercased.
A cracking algorithm is applied, which can be short-circuited by asking
your users to only use lower case letters in passwords. This will still
allow numbers and non-numeric characters but may still not satisfy the
truly paranoid.
The alternative is to use encrypted passwords, and maintain the UNIX and
NT / LM password databases seperately: there are tools to do this.
Luke
More information about the samba
mailing list