[Samba] Samba 4 and bad lockout attempts

Stéphane PURNELLE stephane.purnelle at corman.be
Fri Aug 30 04:27:04 MDT 2013


I have a big problem.

I see that samba 4 don't have bad lockout attempts and if samba don't have 
this, I cannot deploy samba 4.

This setting is a security setting, it's very important.

A virus attack can be modered by this setting (password crack)  and the 
security bookfor IS from my compagny says : 

11.1.3 User password management  Recommendations  for access  account configuration 
The recommendations for password configuration are as follows:
• temporary initial password, to be modified upon first connection,
• password chosen by the user and known only by him/her,
• at least 8 characters,
• renewed at least every three months (90 days),
• no reuse of previous passwords (at least the last 10).

The recommendations for account configuration are as follows:
• suspension after 5 incorrect password entries (automatic or manual 
unlocking after a certain period)
• rapid unlock procedure that also works at a distance,
• restriction of connection times during the week for external user 
accounts (7am-10pm).

With samba4, I cannot respect that. and I must

best regards


Stéphane PURNELLE                         Admin. Systèmes et Réseaux 
Service Informatique       Corman S.A.           Tel : 00 32 (0)87/342467

More information about the samba mailing list