[Samba] Sarbanes-Oxley headaches

Tony Earnshaw tonye at billy.demon.nl
Fri May 13 17:18:24 GMT 2005


fre, 13.05.2005 kl. 16.36 skrev Stuart Highlander:

> i had an examiner yesterday ask similar questions about my system yesterday.
> thank you for direction to the pdbedit manpage.

It was too sharply worded, blame the flu attack ...

> suppose i wanted to set up account lockout for 3 failed login attempts for
> my w2k workstations with the ability to try again in 5 minutes.  would these
> be the commands to use:
> 
> pdbedit -P "bad lockout attempt" -C 3
> pdbedit -P "reset count minutes" -C 5

I asked the meaning of each of these parameters on the list, but no one
seemed to know; at least no one replied.

E.g., for the second of your examples, I'd rather fancy "lockout
duration". I tried certain things out for myself on my test system
(3.0.14a, ldapsam with GQ LDAP "help") and succeeded in locking user
Kvikk the Cat out for more ore less ever, found out what I'd done wrong,
remedied it but got cold feet and didn't dare touch pdbedit -P again for
the time being. I'd love some explanation ...

Since the meaning of all these parameters *is* so vague, this would be
an excellent point for JHT to document in the updated HOWTO.

> as for logging some of the requests of the original poster, i have found a
> free program that will log the windows event log to a remote syslog server.
> here is the link:
> 
> http://www.netadmintools.com/art284.html

Looks good :)

--Tonni

-- 
Nothing sucksseeds like a pigeon without a beak ...

mail: tonye at billy.demon.nl
http://www.billy.demon.nl
 
They'll love us, won't they? They feed us, don't they? ...



More information about the samba mailing list