[Samba] Passwordsettings
timbeale at catalyst.net.nz
timbeale at catalyst.net.nz
Thu Oct 4 18:56:17 UTC 2018
As Rowland points out, that password already meets the complexity
criteria, so I don't think Password Settings Objects (PSOs) will help
here. PSOs allow you to tailor different passwordsettings for different
users, i.e. turn complexity on or off for specific users. PSOs don't let
you customize the criteria that determines whether a password is complex
or not.
So you could use PSOs to enforce a longer minimum password length for
certain users, but they would likely just make the string of digits
longer.
For reference, there's more about PSOs here:
https://wiki.samba.org/index.php/Password_Settings_Objects
On 2018-10-03 07:25, Rowland Penny via samba wrote:
> On Tue, 2 Oct 2018 15:13:36 -0300
> Carlos via samba <samba at lists.samba.org> wrote:
>
>> Hi!
>>
>> I have one question about passwordsettings in Samba 4:
>>
>> My configuration:
>>
>> S.O. : Ubuntu 16.04
>>
>> Samba Version: 4.7.7
>>
>> --
>>
>> samba-tool domain passwordsettings show
>>
>> Password complexity: on
>> Store plaintext passwords: off
>> Password history length: 24
>> Minimum password length: 7
>> Minimum password age (days): 0
>> Maximum password age (days): 180
>> Account lockout duration (mins): 30
>> Account lockout threshold (attempts): 0
>> Reset account lockout after (mins): 30
>>
>> --
>>
>>
>> My Question is, one user have password *T12345678t* , sequential
>> number, i liked know i how block this with "Password complexity" ? It
>> is possible ?
>>
>> Thanks
>>
>>
>> Regards;
>>
>
> You cannot, T12345678t is a valid complex password, even more so if the
> '*' is part of the password. You could consider upgrading to 4.9.1
> which has 'Password Settings Objects'. This might be what you are
> looking for.
>
> Rowland
More information about the samba
mailing list