[Samba] Enforce strong passwords?
Andrew Bartlett
abartlet at samba.org
Wed Oct 26 11:29:43 GMT 2005
On Tue, 2005-10-25 at 18:07 -0600, John H Terpstra wrote:
> On Tuesday 25 October 2005 17:58, Charles Marcus wrote:
> > Is there any way to do this with Samba and LDAP?
> >
> > What I'd like is to be able to, at a minimum, force minimum password
> > length, mixture of letters and numbers, and at least two 'special
> > characters'...
> >
> > Is this doable with Samba using LDAP for authentication? If not, is it
> > doable using other authentication means?
>
> Yes, it can be done with Samba-3 using either the tdbsam or the ldapsam passdb
> backend. I would recommend that you use Samba-3.0.21 that will soon be
> released as it has a number of refinements to assist in the implementation
> and management of password controls.
See in particular
check password script = /usr/local/bin/crackcheck
-d /usr/lib/cracklib_dict
(where crackcheck was compiled from the code in examples/auth in the
samba tarball).
This checks against cracklib, which is very painful, exactly the way you
want it to be :-)
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20051026/fc4a2836/attachment.bin
More information about the samba
mailing list