Displaying 20 results from an estimated 26 matches for "cracklib_dict".
2008 Dec 09
0
check password script
...ript
output other than exits.
Can anyone guide me to the right place?
Cracklib.sh script;
#!/bin/sh
if [ `echo $1 | egrep -e '[A-Z]' | egrep -e '[a-z]' | egrep -e '[0-9]' 2>
/dev/null` ]; then
echo $1 | /sbin/crackcheck -d
/var/cache/cracklib/cracklib_dict 2>& 1> /dev/null
exit $?
else
if [[ `echo $1 | egrep -e '[@#$%^&+=:;!]' 2> /dev/null` && `echo $1
| egrep -e '[0-9]' 2> /dev/null` || `echo $1 | egrep -e '[@#$%^&+=:;!]' 2>
/dev/null` && `echo $1 | egrep...
2006 Dec 26
2
password strenght doubt
...passwords = yes
pam password change = yes
passdb backend = ldapsam:"ldap://127.0.0.1
ldap://alem-ldap.jusbaires.gov.ar ldap://alem-systemlog.jusbaires.gov.ar"
passwd chat debug = no
check password script = /usr/local/bin/crackcheck -d
/var/cache/cracklib/cracklib_dict
unix charset = 850
dont descend = .recycle
delete veto files = yes
restrict anonymous = 1
#Profiles stuff
logon script = netlogon.%U.bat
logon path = \\PDC\profiles\%U
logon home = \\PDC\personal
logon drive = H:
hide files =...
2009 Dec 17
2
samba password complexity help?
..."maximum password age" -C 90
These items appear to work with no difficulty. However this does not
address the dictionary/complexity requirement.
I have seen the following suggestion elsewhere on the samba list:
check password script = /usr/local/sbin/crackcheck -d
/var/cache/cracklib/cracklib_dict
I am not able to use this suggestion directly. No file "crackcheck" is
present on my system. There is a /usr/sbin/cracklib-check but it seems
to work on a file or stream, like grep or something, as opposed to
returning a value as a function. And it does not seem to accept a "-d&q...
2007 Feb 04
1
Failed join a domain, root found ok, Administrator not found
...-enter*new*password* %n\n
*Result**Success****
# Settings to debug passwd chat
#passwd chat debug = Yes
#debug level = 103
#log level = passdb:5
# Crackcheck settings to allow NT style password complexity checks
check password script = /sbin/crackcheck -c -d
/usr/lib/cracklib_dict
log level = 2
syslog = 0
log file = /var/log/samba/%m.log
max log size = 100000
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1
#...
2019 Jan 28
5
Samba 4.9.4 - high RAM usage - OOM killer
...92.168.100.20 192.168.0.21
192.168.100.21
server role check:inhibit=yes
ldap server require strong auth = no
wins support = yes
server role = active directory domain controller
check password script = /usr/local/bin/crackcheck -c -d
/var/cache/cracklib/cracklib_dict
idmap_ldb:use rfc2307 = yes
server schannel = auto
[netlogon]
path = /var/lib/samba/sysvol/corp.lncsa.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
# du -shxc sam.ldb*
4.1M sam.ldb
132M sam.ldb.d
136M ...
2007 Feb 16
3
pdbedit password policy - not updating ldapsam
...unix password sync = Yes
passwd program = /usr/sbin/ldap_userPassword_change %u
passwd chat = *New*password* %n\n *Re-enter*new*password* %n\n
*Result**Success****
# Crackcheck settings to allow NT style password complexity checks
check password script = /sbin/crackcheck -c -d /usr/lib/cracklib_dict
passdb backend = ldapsam:"ldap://ldap-1 ldap://ldap-2"
ldap admin dn = cn=Manager,dc=example,dc=org
ldap suffix = dc=dc=example,dc=org
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
idmap ba...
2017 Dec 14
1
Combining "--complexity=off" and "check password script"
I would like to understand how the "check password script" interacts
with enabling/disabling password complexity checks.
That is: if I configure
check password script = /usr/local/samba/sbin/crackcheck -d
/var/cache/cracklib/cracklib_dict
is this called *in addition* to the default complexity checking, or
instead of it? And if I set
samba-tool domain passwordsettings set --complexity=off
with a check password script configured, does this setting disable the
check password script as well, or just the built-in complexity che...
2007 Jan 31
1
Enforce Strong Passwords LDAP PDC
I've scoured the mailing list archives and the internet...has anyone
actually figured out how to enforce strong passwords when using Samba
and LDAP as a PDC?
My users are allowed to change their Windows XP passwords, how do I
enforce the use of strong passwords (either locally or globally)?
--
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan
2005 Aug 15
1
enforcing password compexity (check password script, cracklib)
Hello,
I would like to enforce some level of password complexity when users
change their password. I have a Samba PDC running on Debian set to sync
Unix passwords. I'm trying to get Samba to work with cracklib, but it
isn't going well.
Here is what I've tried:
Installed libpam-cracklib, compiled examples/auth/crackcheck and copied
the binary to /usr/local/sbin.
I added the
2007 Feb 20
1
"gid of user xxx doesn't exist" error repeatedly posted to /var/messages
...n/passwd %u
smb ports = 139
strict locking = no
lock spin time = 15
lock spin count = 30
veto oplock files = /*.mdb/*.MDB/*.xls/*.XLS/*eudora*/
write cache size = 262144
passwd chat = *new*password* %n\n*new*password* %n\n *changed*
check password script = /usr/bin/crackcheck -c -d /usr/lib/cracklib_dict
Any ideas? Any help would be appreciated.
--
Best regards,
L. Fred Nuffer
Support Systems Analyst, Senior
Parking and Transportation Services
Email: fnuffer@email.arizona.edu
2019 Jan 28
0
Samba 4.9.4 - high RAM usage - OOM killer
...2.168.100.21
> server role check:inhibit=yes
> ldap server require strong auth = no
> wins support = yes
> server role = active directory domain controller
> check password script = /usr/local/bin/crackcheck -c -d
> /var/cache/cracklib/cracklib_dict
> idmap_ldb:use rfc2307 = yes
> server schannel = auto
>
> [netlogon]
> path = /var/lib/samba/sysvol/corp.lncsa.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
>...
2019 Jan 28
0
Samba 4.9.4 - high RAM usage - OOM killer
...gt; 192.168.100.21
> server role check:inhibit=yes
> ldap server require strong auth = no
> wins support = yes
> server role = active directory domain controller
> check password script = /usr/local/bin/crackcheck -c -d
> /var/cache/cracklib/cracklib_dict
> idmap_ldb:use rfc2307 = yes
> server schannel = auto
>
> [netlogon]
> path = /var/lib/samba/sysvol/corp.lncsa.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> # du -shx...
2009 Sep 11
1
New Files do not belong to the User who created them...
...LW-I/Dokumente#
Here is my SHORT smb.conf :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[global]
workgroup = ZKS
server string =
obey pam restrictions = Yes
passdb backend = ldapsam:"ldap://zksfs.somedomain.de"
check password script = /sbin/crackcheck -c -d
/var/cache/cracklib/cracklib_dict
log level = 0 auth:3
syslog = 1000
syslog only = Yes
log file = /var/log/samba/samba.log
max log size = 10000
debug pid = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
show add printer wizard = No
add machine script = /usr/sbin/smbldap-useradd -t...
2016 Sep 21
2
Samba loose the user forward as member Server
...roup
ldap machine suffix = ou=computers
idmap backend = ldap:ldap://127.0.0.1/
ldap idmap suffix = ou=idMap
idmap uid = 40000-50000
idmap gid = 40000-50000
ldap passwd sync = yes
check password script = /sbin/crackcheck -c -d
/usr/lib64/cracklib_dict
MEMBER SERVER
Samba 4.1.12 /.14 / 4.5.0
[global]
workgroup = DOMAIN
realm = DOMAIN
#netbios name = %h
server string = Samba Server Version %v
#security = user
security = domain
server role = member server
ntlm auth = No
log file = /var/log/samba/log.%m
max log size = 50
idmap config * : backend...
2007 Sep 25
2
Stumbling blocks moving to NTLMv2
...rfaces = bond0
passdb backend = ldapsam:"ldaps://pri-ldap:636"
passwd program = /usr/sbin/ldap_userPassword_change %u
passwd chat = *New*password* %n\n *Re-enter*new*password* %n\n
*Result**Success****
check password script = /sbin/crackcheck -c -d
/usr/lib/cracklib_dict
unix password sync = Yes
lanman auth = No
ntlm auth = No
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
log level = 2
syslog = 0
log file = /var/log/samba/%m.log
max log size = 100000...
2007 Mar 07
1
Cannot Join Client to Domain
...p = /etc/samba/smbusers
wins support = yes
#=========Security======================
encrypt passwords = yes
pam password change = yes
name resolve order = wins bcast hosts
winbind nested groups = no
# obey pam restrictions = yes
# check password script = /usr/local/sbin/crackcheck -d /usr/lib/cracklib_dict
#---------------LDAP----------------
passdb backend = ldapsam:ldap://127.0.0.1/
ldap passwd sync = Yes
ldap suffix = dc=mydomain,dc=com
ldap admin dn = cn=Manager,dc=mydomain,dc=com
ldap ssl = no
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=People
lda...
2010 Oct 11
1
Domain trusts with W2003 and SAMBA 3.0.33 on RHEL
...ebug = No
passwd program = /usr/sbin/smbldap-passwd -u %u
passwd chat = "Changing UNIX password for*\nNew password*" %n\n
"*Retype new password*" %n\n"
passwd chat timeout = 2
check password script = /usr/sbin/crackcheck -c -d
/usr/lib/cracklib_dict
username map =
password level = 0
username level = 0
unix password sync = Yes
ntlm auth = Yes
restrict anonymous = Yes
lanman auth = No
;ntlm auth = No
client NTLMv2 auth = Yes
client lanman auth = No...
2018 Mar 02
1
Fwd: Migrating server
...t passwords = true
>> password server = sam3dc
> What sould be the benefit ???
> At first you setup this host as a PDC and then you delegate
> to an other password server?
>
>> check password script = /usr/local/sbin/crackcheck -d
>> /var/cache/cracklib/cracklib_dict
>>
>> unix password sync = No
> You should add:
> ldap passwd sync = yes
> pam password change = yes
> to sync windows and unix passwords.
>
>> log level = 10 auth:5
> tooooooooooooo high
> log level = 1 auth:5
> ma...
2016 Sep 21
0
Samba loose the user forward as member Server
...suffix = ou=computers
> idmap backend = ldap:ldap://127.0.0.1/
> ldap idmap suffix = ou=idMap
> idmap uid = 40000-50000
> idmap gid = 40000-50000
> ldap passwd sync = yes
> check password script = /sbin/crackcheck -c -d /usr/lib64/cracklib_dict
>
>
> MEMBER SERVER
> Samba 4.1.12 /.14 / 4.5.0
>
> [global]
>
> workgroup = DOMAIN
> realm = DOMAIN
> #netbios name = %h
> server string = Samba Server Version %v
> #security = user
> security = domain
> server role = member server
> ntlm auth = No
>...
2018 Mar 02
0
Fwd: Migrating server
...= no
>
> encrypt passwords = true
> password server = sam3dc
What sould be the benefit ???
At first you setup this host as a PDC and then you delegate
to an other password server?
> check password script = /usr/local/sbin/crackcheck -d
> /var/cache/cracklib/cracklib_dict
>
> unix password sync = No
You should add:
ldap passwd sync = yes
pam password change = yes
to sync windows and unix passwords.
> log level = 10 auth:5
tooooooooooooo high
log level = 1 auth:5
makes more sense
> syslog = 0
>...