Logging password failures

Michael Kohne mhkohne at discordia.org
Mon Oct 5 11:32:28 GMT 1998

>Doesn't Samba log login failures? I'd like them logged, preferrably (at
>least to start with) with the tried id/password-pair. Do I have to get my
>hands dirty with the source or has someone done this before me?
>  // Jonas
Ummm, I know you want these logged, but trust me, you DON'T want the tried
password to be logged. Also, logging the ID is often a bad idea, if the id
isn't known to the system. People have a tendancy to type passwords where
they should type usernames, and a tendancy to type the password to another
system instead of the one for the system they are logging into. If you log
the failed id/password, you may well be logging their password to
something, and you don't want that kind of thing hanging around in your logs.

As to getting it to log: Play with the debug level command. I think if you
set the debug level to the right number you'll get this sort of thing
logged. However, note that samba may make several password verification
attempts per user, depending on case of password, etc (see the password
level configuration file option).

Good luck!

Michael Kohne
mhkohne at discordia.org
"Evolution is God's version of domino rally"

More information about the samba mailing list