[Samba] How to check the password complexity in samba

Alex Domoradov alex.hha at gmail.com
Mon Sep 12 08:09:29 MDT 2011

Hi all, can someone give a working example for checking the password
complexity in samba?

I have tried the next one

1. Download and extract samba-3.4.15.tar.zg. Go to
samba-3.4.15/examples/auth/crackcheck and compile crackcheck
2. Copy crackcheck binary to the /usr/bin/
3. Check that the program working correctly

# /usr/bin/crackcheck -d /usr/share/cracklib/pw_dict
ERR - it is too short

# /usr/bin/crackcheck -d /usr/share/cracklib/pw_dict

Looks good.

4. Add the following line to the smb.conf and restart samba

check password script = /usr/bin/crackcheck -d /usr/share/cracklib/pw_dict

But when I change user password from command line (smbldap-passwd) or via
gui (srvtools), there is no warning. Even if I set 123 as password.

Am I missing something?

More information about the samba mailing list