RES: [Samba] Manage user policy

Fernando Ribeiro fernando at
Wed Aug 13 11:36:19 GMT 2003

I am interested in this too, but what I realy want is to lock the user
account after a number of bad logins.
The pdbedit tool that comes with samba 3.x suite does exactly what we
want but it did not work for me.
I set the number of bad logons to 3 using: pdbedit -p "bad lockout
attempt" -C 3
When testing this trying to logon using bad password 3 times samba does
not lock the account.
But I think it should work for password's. Didn't test yet.
Take a look at these docs

Luck for all!

Fernando Henrique Ribeiro da Silva

-----Mensagem original-----
De: at
[ at] Em
nome de John H Terpstra
Enviada em: terça-feira, 12 de agosto de 2003 14:26
Para: Kaspars
Cc: Samba Mailing List
Assunto: Re: [Samba] Manage user policy

On Tue, 12 Aug 2003, Kaspars wrote:

>  Hi all,
> I interested in use Samba as PDC, but I want user account policy, that

> users use password not less than 8 symbols and users must change their

> password every 30 days...  I search trough google, try little reading 
> of many manuals, but didn`t find my answer... only what many people 
> are interested in that too. btw, some ppl say that it can be done with

> new samba-3 and ldap, how, manuals?

This can be done with Samba-3. You can set the password policy using:

1. Unix command line too is: pdbedit
	- see man page for pdbedit
2. Microsoft SrvTools.exe
	- can be installed on NT4 Workstation, Windows 200x / XP
	- use the Domain User Manager
3. Microsoft NEXUS.EXE
	- use this for domain management from Win 9x/Me
	- use the Domain User Manager

- John T.
John H Terpstra
Email: jht at
To unsubscribe from this list go to the following URL and read the

More information about the samba mailing list