[Samba] User accounts being blocked
Ricardo Pardim Claus
ricardo.claus at yahoo.com.br
Fri Aug 19 18:45:25 UTC 2016
> Windows has some "features" which can create a lot of fake invalid logon
> attempts.
> Windows remembers userids and passwords until logout, and whenever you > want to access a protected share, it automatically first tries with
> stored passwords, before showing a password prompt.
> If users are using local accounts (for example on their personal
> notebooks), and have different username or password on the server,
> Windows will always first try to log in to the server with the local
> credentials.
> Also Windows remembers all shares that you ever used (unless you connect
> always with "net use share /user:xxx * /persistent:no", or you remove
>them with "net use share /delete"), and Windows tries to access all
> previously known shares many times, for example each time you open Explorer.
> If you revoke a user the right to access a share, which they previously
> used, and they do not specifically disconnect from it, Windows will keep
> trying many times per day to access it.
> Maybe some users once clicked on "remember password", and later changed
> the password on the server. Now some of their devices (maybe a
> smartphone) silently keeps trying with the old password.
Dear Klaus
I appreciate the contribution.
Here the company carried out a work to migrate the Windows Server DC for Samba 4. GPO settings are the same as we used in Windows Server.
The shared network drive mapping is set by a GPO, which used the "/delete /yes and persistent:no".
The doubts are generated precisely because it did not happen with the DC MS.
The authentication credentials in AD are used only on desktops. In other devices (tablet / smartphone) do not use credentials.
I keep looking for a solution to this issue.
More information about the samba
mailing list