[Samba] [Fwd: password quality compliance]

Gerald (Jerry) Carter jerry at samba.org
Mon Jan 17 15:01:14 GMT 2005

Hash: SHA1

fandino wrote:
| ok, I will do a more direct question.
| How is supposed Samba will prevent users from selecting
| weak passwords?

There have been several variants opf patches that would allow
smbd to use the libcrack library to enforce string passwords.
The final agreed upon design was never implemented to my knowlege
(at least I don't remember seeing a patch).

What we need is just a hook that allows you to call an
external script to check the password strength.  Would be very
easy to do.  The main issue would be good error returns from
the script to smbd (such as dictionary word, password to
short, etc...) and then translating these to an NTSTATUS error
code for the client.

If you are interested in implementing this, I'd take it up
on the samba-technical mailing list.

cheers, jerry
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the samba mailing list