implementing password lockout
Jim McDonough
jmcd at us.ibm.com
Mon Jan 26 14:22:03 GMT 2004
Simo, thanks for clarifying that...but I still have a few issues to clear
up, since we don't (yet) have real windows replication:
When the bad password count isn't replicated, if we're using LDAP
replication, we're going to replicate it, so we'll have to store a time for
the last bad password, no? We can't choose to selectively replicate
attributes sometimes, but not others. This is what Jianliang has in his
patch, and it makes sense to me.
I still think we need a local version, though, because if we don't, then if
the PDC is down what happens when a user enters a bad password? A correct
password should be OK, but a bad password attempt...?
----------------------------
Jim McDonough
IBM Linux Technology Center
Samba Team
6 Minuteman Drive
Scarborough, ME 04074
USA
jmcd at us.ibm.com
jmcd at samba.org
Phone: (207) 885-5565
IBM tie-line: 776-9984
More information about the samba-technical
mailing list