[Samba] check accounts for known bad passwords
lists at merit.unu.edu
Thu Jul 20 13:52:13 UTC 2017
Des anyone know if a script of some sort or way to check my samba
accounts for known bad passwords, such as "123321", "1q2w3e", and such?
We are currently the target by a botnet, trying out those easy passwords
on our imap server. While many (all?) of our users have good complex
paswords, I am not 100% sure about *all* of them. If possible I'd like
to disable their accounts, in the case of such bad passwords.
It would be good if such a snippet would bypass the bad_password_count
policies, etc, so that I could scan accounts without them becoming
locked due to too many failed passwords.
Anyone with an idea how to do this?
More information about the samba