[Samba] check accounts for known bad passwords

mj lists at merit.unu.edu
Thu Jul 20 13:52:13 UTC 2017


Des anyone know if a script of some sort or way to check my samba 
accounts for known bad passwords, such as "123321", "1q2w3e", and such?

We are currently the target by a botnet, trying out those easy passwords 
on our imap server. While many (all?) of our users have good complex 
paswords, I am not 100% sure about *all* of them. If possible I'd like 
to disable their accounts, in the case of such bad passwords.

It would be good if such a snippet would bypass the bad_password_count 
policies, etc, so that I could scan accounts without them becoming 
locked due to too many failed passwords.

Anyone with an idea how to do this?


More information about the samba mailing list