[Samba] Samba 4 and bad lockout attempts
stephane.purnelle at corman.be
Fri Aug 30 04:27:04 MDT 2013
I have a big problem.
I see that samba 4 don't have bad lockout attempts and if samba don't have
this, I cannot deploy samba 4.
This setting is a security setting, it's very important.
A virus attack can be modered by this setting (password crack) and the
security bookfor IS from my compagny says :
11.1.3 User password management
22.214.171.124 Recommendations for access account configuration
The recommendations for password configuration are as follows:
• temporary initial password, to be modified upon first connection,
• password chosen by the user and known only by him/her,
• at least 8 characters,
• renewed at least every three months (90 days),
• no reuse of previous passwords (at least the last 10).
The recommendations for account configuration are as follows:
• suspension after 5 incorrect password entries (automatic or manual
unlocking after a certain period)
• rapid unlock procedure that also works at a distance,
• restriction of connection times during the week for external user
With samba4, I cannot respect that. and I must
Stéphane PURNELLE Admin. Systèmes et Réseaux
Service Informatique Corman S.A. Tel : 00 32 (0)87/342467
More information about the samba