[Samba] Re: Sarbanes-Oxley headaches
Michal Kurowski
mkur at poczta.gazeta.pl
Sat May 14 11:34:51 GMT 2005
Tony Earnshaw [tonye at billy.demon.nl] wrote:
>
> Hmmm ... a bit short winded. If you use ldapsam backend and a GUI tool
> such as GQ you can see it literally under the sambaBadPasswordCount
> attribute. Using ldapsearch from the CLI you can get a list, for all
> users. It will be zeroed out, though, at the next successful login.
This can be heavily customized on the Ldap server side. The proper
server-side policy might help a lot in here. Specially things like
CoS as implemented in Sun Directory 5.2. Or perhaps in-house developed
(pre- or post- operation) plugins (did not have to try this path yet though).
I don't mean anything like a flamer in here but when using ldap it
would most reasonable to take full advantage from it.
> There are very few possibilities in Samba. What you ask you can get, at
> least using the ldapsam backend.
Exactly.
Cheers,
--
Michal Kurowski
<mkur at poczta.gazeta.pl>
More information about the samba
mailing list