[Samba] Samba Password Complexity Requirements
rpenny at samba.org
Fri Nov 18 20:03:13 UTC 2022
On 18/11/2022 19:52, Joseph Bell via samba wrote:
> We utilize Samba as our “AD” domain controller/LDAP, and I’m required to provide for a SOC2 audit the following: “password complexity requirements, account lockouts, and minimum lengths”. I’m covered on the latter two, but
> https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_password_policies.html (not canonical I know) and https://wiki.samba.org/index.php/Password_Settings_Objects are a bit oblique as to what makes up a “complex” password. Are special symbols required? Use of one or more character classes (lowercase, numbers, uppercase, special symbols)?
> I then see “If you grep the codebase for 'msDS-ResultantPSO', you should find all the places that try to use it.” – will this lead me to the complexity requirements?
> Thanks for any assistance in trying to track these down, I’m surprised it’s not better documented as the question comes up frequently on audits!
I would have thought that the google result for 'active directory
password complexity', which is about 4,170,000 results is well
The Samba requirement for password complexity is the same as Microsoft AD.