[Samba] Samba Password Complexity Requirements
Joseph Bell
joe at iachieved.it
Fri Nov 18 19:52:57 UTC 2022
Howdy.
We utilize Samba as our “AD” domain controller/LDAP, and I’m required to provide for a SOC2 audit the following: “password complexity requirements, account lockouts, and minimum lengths”. I’m covered on the latter two, but https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_password_policies.html (not canonical I know) and https://wiki.samba.org/index.php/Password_Settings_Objects are a bit oblique as to what makes up a “complex” password. Are special symbols required? Use of one or more character classes (lowercase, numbers, uppercase, special symbols)?
I then see “If you grep the codebase for 'msDS-ResultantPSO', you should find all the places that try to use it.” – will this lead me to the complexity requirements?
Thanks for any assistance in trying to track these down, I’m surprised it’s not better documented as the question comes up frequently on audits!
Yours,
Joe