[Samba] bad password lockout on 4.2.4
mourik jan heupink
heupink at merit.unu.edu
Thu Sep 24 07:03:01 UTC 2015
Hi,
Since two days, we upgraded from 4.1.17 to 4.2.4 (sernet, thanks!)
everything went well, and we have now implemented the bad password
lockout settings.
We have some users now that complained twice that they cannot logon, and
indeed: their account was locked, unlocking did the job.
But the question is: how can I find out more about the bad passwords
that were provided? Thinks like at what time, from what ip address, etc,
etc.
I can't find much in the DC's logs, though I guess that is where to
look..? Is a certain minimum log level required perhaps?
We have three dc's, one (separate) fileserver, one mail, and some other
services, all authenticating to our three dc's, so I guess those dc's
would be the place to look...
Thanks in advance,
MJ
More information about the samba
mailing list