[Samba] Help with cracklib
Iván M. Marzán Rocha
ivanm at fadesa.es
Tue Jun 15 17:18:14 GMT 2004
Hi! before nothing, sorry for my english, I hope you understand me.
I've a problem with the new samba 3.0.4-1.12, before I had the version 3.0.2a
with LDAP
for administrate all the users and when a samba password expired I used the
"use cracklib"
parameter for force the user to insert a strong password, well now this
parameter isn't
avaliable and I believe that must make it with the /etc/pam.d/samba file if I
want to do
the same effect than before, but the line which references to the
pam_cracklib.so seems
to do nothing and I check that the file is been processed because if I input a
wrong line
the logs how /var/log/messages or /var/log/samba/log.smbd warns me.
Please I need help!!
My configuration file has:
------------------------------------------------------------------------------------------
[global]
workgroup = DOMINFO73
interfaces = 127.0.0.1, eth0
bind interfaces only = Yes
obey pam restrictions = Yes
smb passwd file = /etc/samba/smbpasswd %u
passdb backend = ldapsam:ldap://demonio.servidores.fadesa
pam password change = Yes
passwd program = /usr/bin/passwd %u
unix password sync = Yes
load printers = No
logon script = inicio.bat
logon home = \\%N\%U\samba.perfiles
domain logons = Yes
domain master = Yes
ldap suffix = dc=fadesa,dc=es
ldap machine suffix = ou=maquinas
ldap user suffix = ou=personas
ldap group suffix = ou=grupos
ldap idmap suffix = ou=idmap
ldap admin dn = cn=manager,dc=fadesa,dc=es
ldap ssl = no
ldap passwd sync = Yes
idmap backend = ldap:ldap://demonio.servidores.fadesa
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[public]
comment = Carpeta p�lica
path = /tmp/samba.compartida
read only = No
guest ok = Yes
[netlogon]
comment = The domain netlogon service
path = /home/%U/samba.netlogon
read only = No
browseable = No
------------------------------------------------------------------------------------------
The /etc/pam.d/samba file has these lines:
-------------------------------------------------------------------------------------------
#%PAM-1.0
auth required pam_warn.so
auth requisite pam_nologin.so
auth required pam_unix.so
account required pam_warn.so
account required pam_unix.so
password required pam_warn.so
password requisite pam_cracklib.so retry=3
password required pam_unix.so shadow md5 use_authtok
try_first_pass
password required pam_smbpass.so nullok use_authtok
try_first_pass
session required pam_unix.so
-------------------------------------------------------------------------------------------
Thanks you in advance.
More information about the samba
mailing list