[Samba] Setting/Showing minimum password length > 14
Mark Foley
mfoley at ohprs.org
Tue Jan 24 20:16:15 UTC 2023
Thanks Andrew,
I will have to upgrade my Slackware to 15.0 in order to get a new version of Samba. Slackware
15.0 is at version 4.15.13. My Slackware 14.2 Samba isn't even at 4.8.2; it's only at 4.6.16. I
do need to upgrade since 15.0 has been officially out for about a year now.
Meanwhile, I set the PW length to 16 through Windows Group Policy, so for Windows users that
should work w/o problem. The Linux domain members are not for user logins.
Thanks --Mark
On Tue Jan 24 15:03:28 2023 Andrew Bartlett <abartlet at samba.org> wrote:
> On Tue, 2023-01-24 at 14:44 -0500, Mark Foley via samba wrote:
> > Our Homeland Security CISA advisor has advised setting our Windows
> > domain passwords to a 16
> > character minumum as, according to her, pw lengths 14 or less are
> > easily cracked but 16+ are
> > extremely difficult.
> >
> > I was able to set the Windows Group Policy minimum password length to
> > 16 characters, but when I
> > do 'samba-tool domain passwordsettings show' it still shows Minimum
> > password length: 8.
> >
> > The min=16 seems to work when Windows users change their passwords,
> > but why is this not
> > reflected in samba-tool? My Samba version is 4.8.2. Is that too old
> > for this attribute?
>
> On a version that old, bad passwords are the least of your concerns.
> ;-)
>
> Newer versions can interpret the group policy values, as I understand
> it (look at David Mulder's work) but the traditional way to set these
> is via 'samba-tool domain passwordsettings set' which is supported and
> enforced.
>
> Andrew Bartlett
> --
> Andrew Bartlett (he/him) https://samba.org/~abartlet/
> Samba Team Member (since 2001) https://samba.org
> Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
>
> Samba Development and Support, Catalyst IT - Expert Open Source
> Solutions
>
>
More information about the samba
mailing list