On Fri, Aug 19, 2005 at 03:59:16PM -0500, Chris St. Pierre
wrote:> When a user tries logging in and enters the wrong password a few times
> in a row, their account becomes disabled. Is there a way to prevent
> this behavior? I couldn't find anything in the smb.conf man page
> about it.
>
> Alternatively, could we use a preexec script to just re-enable all
> accounts when there's a logon attempt? Or does that script only get
> executed after a user is authenticated?
The manual page of pdbedit has these entries:
-P account-policy
Display an account policy
Valid policies are: minimum password age, reset count minutes,
disconnect time, user must logon to change password, password
history, lockout duration, min password length, maximum pass-
word age and bad lockout attempt.
Example: pdbedit -P "bad lockout attempt"
account policy value for bad lockout attempt is 0
-C account-policy-value
Sets an account policy to a specified value. This option may
only be used in conjunction with the -P option.
Example: pdbedit -P "bad lockout attempt" -C 3
account policy value for bad lockout attempt was 0
account policy value for bad lockout attempt is now 3
HTH
Geert Stappers