[Samba] Strong Password Enforcement (Windows-side)

Adam Williams adam at morrison-ind.com
Fri Oct 3 14:42:26 GMT 2003

> I currently use unix passwd sync = yes to accomplish this in 2.2.8.  The
> option still appears to be available in 3.0.0.  You can specify a custom
> script with passwd program and passwd chat in smb.conf which will check
> the password's strength.  This program must return successful before
> samba will change the samba password, effectively checking password
> strength.

True, this works.  But it doesn't provide the user with a very helpful
error message when the password can't change because the chat script
refused it.  Samba 3.x.x's password change error messages are really
helpful and reduce alot of support calls for us - like it says you can't
reuse one of your past 24 passwords if you enter one, etc... (based upon
your site policies of course).

Maybe we can have a fund raiser or send pizza for cracklib support?!

More information about the samba mailing list