Mandi! Rowland Penny via samba In chel di` si favelave...> samba-tool domain passwordsettings set --complexity=offAhem, i've typed '--comploxity'... sorry... OK, option is available in samba-tool in 4.2, but does not seems to work: root at lupus:~# samba-tool domain passwordsettings set --complexity=off Password complexity deactivated! All changes applied successfully! root at lupus:~# smbpasswd gaio New SMB password: Retype new SMB password: Failed to modify account record CN=gaio,CN=Users,DC=ad,DC=corsi,DC=sv,DC=lnf,DC=it to set user attributes: 0000052D: Constraint violation - check_password_restrictions: the password is too short. It should be equal or longer than 8 characters! Failed to modify entry for user gaio. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
Marc Muehlfeld
2017-Jun-21 10:29 UTC
[Samba] Classic upgrade and forced password change...
Hi Marco, Am 21.06.2017 um 12:17 schrieb Marco Gaiarin via samba:> Ahem, i've typed '--comploxity'... sorry... OK, option is available in > samba-tool in 4.2, but does not seems to work:This just turns off the need of complex passwords, but there are more settings, such as minimum length, number of previous passwords not allowed to reuse, etc. See: # samba-tool domain passwordsettings --help Regards, Marc
Mandi! Marc Muehlfeld via samba In chel di` si favelave... [in the meantime, moved to 4.5...]> > Ahem, i've typed '--comploxity'... sorry... OK, option is available in > > samba-tool in 4.2, but does not seems to work: > This just turns off the need of complex passwords, but there are more > settings, such as minimum length, number of previous passwords not > allowed to reuse, etc. > See: > # samba-tool domain passwordsettings --helpOk. But still mean that, if i want to set a temporary password for users, i need to unset *all* password policy, set the password and then restore them? But really no one here misses that feature? ;-) Could be possible, at least, to compute password hash ''offline'' and then put them via brute-force 'ldbmodify'? Someone have some hints? Thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)