[Samba] [Fwd: password quality compliance]
chris.snider at tagtmi.com
Tue Jan 18 14:31:07 GMT 2005
I would also like to see a force strong password feature added.
> -----Original Message-----
> From: samba-bounces+chris.snider=tagtmi.com at lists.samba.org [mailto:samba-
> bounces+chris.snider=tagtmi.com at lists.samba.org] On Behalf Of Gerald
> (Jerry) Carter
> Sent: Monday, January 17, 2005 9:01 AM
> To: fandino at ng.fadesa.es
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] [Fwd: password quality compliance]
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> fandino wrote:
> | ok, I will do a more direct question.
> | How is supposed Samba will prevent users from selecting
> | weak passwords?
> There have been several variants opf patches that would allow
> smbd to use the libcrack library to enforce string passwords.
> The final agreed upon design was never implemented to my knowlege
> (at least I don't remember seeing a patch).
> What we need is just a hook that allows you to call an
> external script to check the password strength. Would be very
> easy to do. The main issue would be good error returns from
> the script to smbd (such as dictionary word, password to
> short, etc...) and then translating these to an NTSTATUS error
> code for the client.
> If you are interested in implementing this, I'd take it up
> on the samba-technical mailing list.
More information about the samba