[Samba] AD Rules in Samba
pgienger at ae-solutions.com
Tue Apr 26 13:20:07 GMT 2005
>>>How can I create group policies in Active Directory using Samba 3? (Such as only
>>>allow three time incorrect login and ect.)
>You can use pdbedit to establish password policies; lock out counts,
>expiration, minimum time to change, length, etc...
Ah... but of course. Thanks for catching my slip-up. The information
on this can be found in the pdbedit man page, these appear to be the
Display an account policy
Valid policies are: minimum password age, reset count
minutes, disconnect time, user must logon to change
password, password history, lockout duration, min pass-
word length, maximum password age and bad lockout at-
Example: pdbedit -P "bad lockout attempt"
account policy value for bad lockout attempt is 0
Sets an account policy to a specified value. This op-
tion may only be used in conjunction with the -P op-
Example: pdbedit -P "bad lockout attempt" -C 3
account policy value for bad lockout attempt was 0
account policy value for bad lockout attempt is now 3
>>Are you saying that you are running an samba controlled domain and would
>>like to make use of the GPO functionality like one would get in an AD
>>If that is the case, you can't. The closest you can get is using NT4
>There was a statement that GPO *IS* possible in Samba 3.x; but I
>haven't seen the documentation come forth.
Really? I thought this was excusively a samba4 thang. My ears and mind
Paul Gienger Office: 701-281-1884
Applied Engineering Inc.
Systems Architect Fax: 701-281-1322
URL: www.ae-solutions.com mailto: pgienger at ae-solutions.com
More information about the samba