[Samba] Samba, ldap, password complexity, cracklib - questions

Götz Reinicke goetz.reinicke at filmakademie.de
Thu Feb 2 07:00:45 MST 2012


we run a Redhat samba 3.5.4 PDC with openldap 2.4 as
user/passwordbackend. The ldap also contains the posix information for
the users to login to some web/mail/etc. servers.

I'm faced with the task to implement a 'both worlds' compatible paswword
sync process regarding complexity etc.

For the posix account password we use a webfrontend, configure to use
pam/cracklib checks which works fine. E.g. 'hello' is NOT allowed as
password :-)

Checking the password change from a windows 7 / XP notebook reveals,
that there is not such a complexity check used. E.g. 'hello' IS allowed
as a users password. :-(

Password syncing (posix <-> windows) works. That means changing from the
web or windows changes both ldap entries.

My question: can someone point me to some docs or can someone explain
how I can use (the same/a) camplexity check when changing passwords from

	Thanks a lot and best regards . Götz

Götz Reinicke

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reinicke at filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats:
Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Prof. Thomas Schadt

More information about the samba mailing list