[Samba] Sarbanes-Oxley headaches

Tony Earnshaw tonye at billy.demon.nl
Thu May 12 17:55:03 GMT 2005


tor, 12.05.2005 kl. 18.54 skrev Robert Kelly:

> With the new scrutinization by auditors on account policies and
> auditing, how can Samba be SOX compliant?
> Using 3.0.14a-sernet on Suse 9.1 - ldapsam
> 
> Specifically, a couple of things seem to be lacking:
> 
> 1) Logon/Logoff times are not being recorded
> 	The last logon time recorded in my ldap entries are pre-nt4 migration.

Bad luck?

> 2) Do the Audit Policy values in user manager have any effect?
> 	Are they implemented?
> 	Can they be syslogged?

No to both, please read the official Samba HOWTOs. Experiment. Like we
all have to.

> 3) How can I get a hook into logons?
> 	Without turning up the debug values, how can I tell if an account has
> had repeated login failures?

Try 'man pdbedit' and search for "-P". 

I have never understood why people complain about any item of software's
supposed limitations until they have read and thoroughly understand all
aspects of all the documentation. Perhaps they aspire toward posthumous
beatification, attaining al martyrs' brigade status or whatever.

> Thanks,

*Wake up* and at least make *some effort* to read the docs and follow
the threads and experiment for yourself as 1001 others on this list,
including the undersigned choose to do. Hanging yourself out is not to
your own advantage.

--Tonni

-- 
Nothing sucksseeds like a pigeon without a beak ...

mail: tonye at billy.demon.nl
http://www.billy.demon.nl
 
They'll love us, won't they? They feed us, don't they? ...



More information about the samba mailing list