[Samba] Domain Controller GPO

timothy mcdaniel timnboys333 at live.com
Wed Apr 20 08:23:37 MDT 2011


I would redownload the git source and download the latest version of samba4
and compile it and provision it and then when you get the latest verison of
samba4(which I think is samba4 alpha 15) and then how you would change the
password complexity requirements in the latest version of samba4 you would
use samba-tool or if you do not have the samba4 bin and sbin folders in your
path: /usr/local/samba/bin/samba-tool(this is assuming that you installed
the latest version of samba4 to your /usr/local folder) and you put this
command like this: "/usr/local/samba/bin/samba-tool pwsettings
--complexity=off --history-length=0 --min-pwd-length=0
--min-pwd-age=0" and then press enter and then it will disable the password
complexity on the latest version of samba4
>Thanks for your assistance, however the options are not recognized by the
>net command. Is there any other variation of those it could be?

>On Tue, Apr 19, 2011 at 2:49 AM, Daniel Müller <
mueller at tropenklinik.de>wrote:

> Refer to my thread this list: HOWTO samba4 centos5.5 named dnsupdate drbd
> simple failover
>
>
> Password Policy Settings!!
>
> Along with Samba4 the Password Policy you can only set from console, with
> 'net  pwsettings ' command.
> net  pwsettings  –help:
>
> usage: (show | set <options>)
>
> options:
>  -h, --help            show this help message and exit
>  -H H                  LDB URL for database or target server
>  --quiet               Be quiet
>   --complexity=COMPLEXITY
>                        The password complexity (on | off | default).
> Default
>                        is 'on'
>  --history-length=HISTORY_LENGTH
>                        The password history length (<integer> | default).
>                        Default is 24.
>  --min-pwd-length=MIN_PWD_LENGTH
>                        The minimum password length (<integer> | default).
>                        Default is 7.
>  --min-pwd-age=MIN_PWD_AGE
>                        The minimum password age (<integer in days> |
>                        default).  Default is 1.
>  --max-pwd-age=MAX_PWD_AGE
>                        The maximum password age (<integer in days> |
>                        default).  Default is 43.
>
>   Samba Common Options:
>    -s FILE, --configfile=FILE
>                        Configuration file
>    -d DEBUGLEVEL, --debuglevel=DEBUGLEVEL
>                        debug level
>    --option=OPTION     set smb.conf option from command line
>    --realm=REALM       set the realm name
>
>  Credentials Options:
>    --simple-bind-dn=DN
>                        DN to use for a simple bind
>    --password=PASSWORD
>                        Password
>    -U USERNAME, --username=USERNAME
>                        Username
>    -W WORKGROUP, --workgroup=WORKGROUP
>                        Workgroup
>    -N, --no-pass       Don't ask for a password
>    -k KERBEROS, --kerberos=KERBEROS
>                        Use Kerberos
>
>  Version Options:
>    --version           Display version number
>
> So I set my Password Policy:
>
> net  pwsettings  set –--complexity=off
> net  pwsettings  set ---max-pwd-age=60 #<---60 Days
> net  pwsettings  set –min-pwd-length=5
>
> net  pwsettings  show:
>
> [root at node1 ~]# net pwsettings show
> Password informations for domain 'DC=tuebingen,DC=tst,DC=loc'
>
> Password complexity: off
> Password history length: 24
> Minimum password length: 5
> Minimum password age (days): 1
>
> -----------------------------------------------
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
>
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----------------------------------------------
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
> Im
> Auftrag von Christophe Dezé
> Gesendet: Dienstag, 19. April 2011 07:58
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Domain Controller GPO
>
> Le 18/04/2011 21:15, Ryan Leimenstoll a écrit :
> > Hi All,
> >    I am using Samba4 Alpha12, and i am trying to edit the password
policy
> > (which I believe is derived from the PDC's policy), but I am trying to
> > figure out whether Samba4 can respond to GPOs. If It cannot, how would I
> > define the password policy for the domain? Thanks.
> it 's maybe because 4.0.0alpha12 - wasn't released
>
>
> :)
>


More information about the samba mailing list