[Samba] Password Filtering
ralph strebbing
blackbirdralph at gmail.com
Thu Apr 14 13:16:21 UTC 2022
On Wed, Apr 13, 2022 at 5:45 PM Andrew Bartlett <abartlet at samba.org> wrote:
> It should work the same, but samba-tool may be running in a very different environment to 'samba', for example in terms of a PATH. Turn up the logging in 'samba' via the smb.conf or (eg) -d10 to debug.
I set my log level = 10 but there is so much stuff pouring into the
logs it's a bit hard to know what I'm looking for.
I've also put the executable into a wrapper script as Jonathon did, so
my smb.conf now reads:
check password script = /etc/samba/astropwchg.sh
with the script containing the following:
#!/bin/bash
PWCACHE="--path /opt/pwcache"
LOGFILE="/opt/pwcache/pw.log"
exec /usr/local/bin/astrochkpwd $PWCACHE 2>>$LOGFILE
I also checked the logfile specified above to see if the script
returned some error, but there was nothing in the file, as if it
hadn't been called at all.
> This isn't impacted by group policies and the same settings are evaluated in both modes, indeed the same code is run (the password_hash module is invoked in both cases and calls the same helper).
To clarify, I'm changing the passwords via Windows Ctrl-Alt-Del Change
Password screen on an end-user host machine.
Thanks for the help so far, looking forward to anything else I can do
to diagnose this!
Regards,
Ralph
More information about the samba
mailing list