[Samba] password complexity bypasswd by check password script
Francis
francisd at gmail.com
Thu Feb 24 21:16:56 UTC 2022
Hello,
I was wondering why my DC allowed users to set weak passwords even if the
domain password policy requires "complexity".
I'm using a "check password script" that verifies if the password is leaked
in the HIBP database. I found that defining a check password script REPLACE
completely the built-in password complexity check. The documentation is not
clear on this subject and I wonder if this is a bug or a feature. If this
is indeed a "feature", I suggest editing the documentation to make it more
clear as this can lead to failure to meet security policies.
Thanks!
--
Francis
More information about the samba
mailing list