[Samba] Problem: how to make users use unique passwords
Hullen at t-online.de
Thu Jan 13 00:36:00 MST 2011
Du meintest am 13.01.11:
> I have also added a call to cracklib to check password strength prior
> to applying it. It all works well, but the task it to force users to
> use unique password every time they have to change it. A typical
> scenario I must prevent is this: user change the password for
> anything temporary, then changes it back to the one it used (or to a
> password slightly different from the one having been used).
> Could someone suggest an existing tool to integrate into
> smbldap-passwd to prevent using similar or the same passwords?
It's very simple to crack samba passwords ...
First you convert (with root rights) the LDAP passdb data to smbpasswd,
and then you run "ophcrack".
I've done this work on some systems; cracking 400 passwords needed about
4 hours (on slow machines).
Yes - I had the rights to do the job ...
It's no samba problem, it's an NTLM problem (a Microsoft problem).
More information about the samba