[Samba] Samba shares on Linux machine get disconnected after ~ 1
min
Walter Mautner
retlaw.rentuam at gmail.com
Wed Dec 27 11:44:45 GMT 2006
Guido Lorenzutti wrote:
> Hi people! I have a few problems with the password strength in Samba.
> I have a PDC with LDAP on Debian Stable, with a few packages from
> backports. The problem is that I can't find a way to enforce strenght to
> the passwords of the users. I can't define a policy to force things like:
> number of uppercase letters, number of downcase letters, number of
> numbers in the password, to check the diference between the new and the
> old, to store a list of old passwords to check... I mean, things that
> are requiered to enforce some policy of security by my company.
> Bottom line? The users can put his username for password! Not even that
> is checked...
>
Since windows by default only sends encrypted password hashes across the
net, it will be impossible to check passwords on the server side. The ldap
only stores lanman and nt hashes, except your users change their passwords
from a *nix shell.
> It's something wrong in my setup or is a feature request? I see min
> password length.. but.. the rest?
>
You will have to employ poledit to generate a useful ntconfig.pol which has
to be present in the netlogon share of your DC. There are some basic
password checks you can configure there, but they take place at the local
client.
Ldap can, however, enforce password changes due to the timestamps it stores
for password hash changes.
More information about the samba
mailing list