similar to: passphrase quality

Hi there, Here are the facts: - I have samba 3.4.2-0.42.fc11 running on a Fedora 11 system. - Samba is acting as a domain controller, no Windows server involved. - I am using tdbsam. - I need to enforce certain password requirements. The password requirements are: - min 8 characters - expiration 90 days - last 10 passwords may not be reused - not a dictionary word Per the Samba 3.2 FAQ, the

Hello, I would like to enforce some level of password complexity when users change their password. I have a Samba PDC running on Debian set to sync Unix passwords. I'm trying to get Samba to work with cracklib, but it isn't going well. Here is what I've tried: Installed libpam-cracklib, compiled examples/auth/crackcheck and copied the binary to /usr/local/sbin. I added the

Hi Samba folks, I had a couple questions about password complexity checking. To preface, in smb.conf, we set: check password script = /usr/local/sbin/crackcheck -d /usr/share/cracklib/pw_dict Also, if I understand correctly: /usr/local/sbin/crackcheck comes from samba source rpm package. maybe we need to compile it ourselves. /usr/share/cracklib/pw_dict* comes from cracklib-dicts rpm

I'm testing Samba 3.0.3pre2 and am particularly interested in the new --with-cracklib support. I see the configuration directive to enable cracklib functionality in the changelog, but am curious if anyone has any additional documentation. The man pages, etc... appear not to be updated yet. Is there any mechanism for 'tweaking' the password strenth rules, as there is with

I have Samba PDC with an LDAP backend. I just realized that the users can reset their passwords to anything, a single character a space. Is there anyway to prevent this?

Hi everyone, A quick question: Is check password script option working for ad dc setup? I believe, ad on it's own cannot provide password protection against dictionaries.

I would like to bump my question 2015-05-27 10:21 GMT+03:00 Krutskikh Ivan <stein.hak at gmail.com>: > Hmm, looks like it's not. I've just set the password for something that > cracklib-check would argue using both ad management tools and at windows > login. Should it work that way or I'm missing something? > > My dc's smb.conf: > > [global] >

-----BEGIN PGP SIGNED MESSAGE----- Hi, I''ve got several replies, thank you for them. Let me summarize: o Many people say there is a PAMified version of ssh available at ftp://ftp.replay.com/pub/crypto/redhat/SRPMS (the source) ftp://ftp.replay.com/pub/crypto/redhat/i386 (Intel binaries) (there are analogous paths for the other architectures). The packages are made by Jan

I also sorted the list. Between libguestfs 1.28 and 1.30, the appliance grew from 95MB to 213MB. Using guestmount and filelight (see link below) I could see that the main contributor was these two directories, which should not be necessary. With this change, the size goes down to 119MB. See also: https://rwmj.wordpress.com/2015/07/23/why-has-the-libguestfs-appliance-grown-by-118-mb/ ---

This seems to be common thread on the list, but I'm pulling my hair out and have to ask.. I've been following a couple of guides and using AD to authenticate users on my linux system. These include the ubuntu guide -- https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto - https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member -

Hi ! I'still running a samba domain controller on a rhel 5 machine, so it is version samba-3.0.33-3.7.el5. Users and accounts are still stored in a ldap database and everything works fine. Now that my setup is complete, I'd like to - force every user of the domain to change their password the next time they open a session on their workstation - be sure that the password is complex

Rowland Penny schrieb am 28.03.2015 00:15: > I installed jessie in a vm to test it, seeing as how sernet hasn't got > round to releasing 4.2 packages yet and then Peter posted that he had > got 4.2 running on jessie. I would love to know how he did this ? Oh. I am a pretty newbie on this field. Maybe that helped... First I install the basic system including LXDE. On the problem

Package: logcheck-database Severity: wishlist Tags: patch Please consider applying the attached patch. Logcheck doesn't match lines like the following right now: ---- Jan 26 04:26:29 space-based cracklib: updated dictionary (read/written words: ). ---- /Armin -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'),

Hi, It's a shame that the sshd/sftp-server programs do not support chroot and sftp-only users. As far as I can tell, there's a patch availble that modifies OpenSSH to chroot() based on a specific entry in /etc/passwd. Since, I personally, do not enjoy applying unofficial patches to released programs, I was looking for an alternative but found none. I've written a small sample

Hi, I've got samba3 on ubuntu 12 up and running with one exception. I try to get password complexity working to no avail. I understood I needed crackcheck, which in turn needed to be compiled. I downloaded the samba-doc package, and tried to compile crackcheck with a simple make, but all it returns is failure with the following error: crackcheck.c:6:19: fatal error: crack.h: No such file

Hallo, we run a Redhat samba 3.5.4 PDC with openldap 2.4 as user/passwordbackend. The ldap also contains the posix information for the users to login to some web/mail/etc. servers. I'm faced with the task to implement a 'both worlds' compatible paswword sync process regarding complexity etc. For the posix account password we use a webfrontend, configure to use pam/cracklib checks

Before I begin, big thanks to John Terpstra for helping me out with my previous issues. But alas I have another issue, I need to enforce strong passwords on windows side (i.e. ctrl+alt+delete change password), minimum password length, can't be dictionary words, etc. etc. (Setup is Samba 3.0.0 as PDC with LDAP passdb) >From what I undersatnd previously this could've been done using

Hi all, can someone give a working example for checking the password complexity in samba? I have tried the next one 1. Download and extract samba-3.4.15.tar.zg. Go to samba-3.4.15/examples/auth/crackcheck and compile crackcheck 2. Copy crackcheck binary to the /usr/bin/ 3. Check that the program working correctly # /usr/bin/crackcheck -d /usr/share/cracklib/pw_dict 123 ERR - it is too short #

I downloaded the iso's for x86_64 (twice, from 2 different mirrors) and none of them check sum. Anyone else having this issue? Tim

Hi all, If I try yum grouplist "FTP Server" I get the next large output: Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: OpenIPMI x86_64