[Samba] old CIFS mount causes account lockout in AD when password changed
Paul Raines
raines at nmr.mgh.harvard.edu
Tue Dec 15 21:02:53 UTC 2020
We had a user whose account in AD was locked out due to bad auth limit after
changing his password. The AD team would unlock it but it would get
immediately locked up again in a few minutes
Eventually we got someone who could read the logs to find out the bad auth
errors were coming from one of the central storage servers. But no
one could track it any further than that.
We eventually found the user has made a mount.cifs mount on a Linux
box just doing
mount.cifs //server/share /mnt/tmp -o user=ADuser,domain=ADdomain
that was still mounted. As soon as we unmounted it the bad auth errors
to AD went away and the account stayed unlocked in AD
Is the cifs module caching the password and re-using it to reconnect if
the connection is cut? Is there anyway to prevent that or limit the
attempts?
More information about the samba
mailing list