Displaying 20 results from an estimated 3000 matches similar to: "Samba/Cracklib Documentation?"
2004 Apr 16
1
Why (&(objectClass=sambaDomain)(sambaDomainName=SARDINE))?
I have a member server that is constantly querying the LDAP server with -
(&(objectClass=sambaDomain)(sambaDomainName=SARDINE))
- when security=domain and workgroup=backbone. The server DOES authenticate
domain users, and everything seems to work, but this draining resources.
This is RH9, Samba 3.0.3pre2 (although I'm pretty certain I saw this on 3.0.2)
and OpenLDAP openldap-2.1.25-1
2012 Feb 02
2
Samba, ldap, password complexity, cracklib - questions
Hallo,
we run a Redhat samba 3.5.4 PDC with openldap 2.4 as
user/passwordbackend. The ldap also contains the posix information for
the users to login to some web/mail/etc. servers.
I'm faced with the task to implement a 'both worlds' compatible paswword
sync process regarding complexity etc.
For the posix account password we use a webfrontend, configure to use
pam/cracklib checks
2005 Aug 15
1
enforcing password compexity (check password script, cracklib)
Hello,
I would like to enforce some level of password complexity when users
change their password. I have a Samba PDC running on Debian set to sync
Unix passwords. I'm trying to get Samba to work with cracklib, but it
isn't going well.
Here is what I've tried:
Installed libpam-cracklib, compiled examples/auth/crackcheck and copied
the binary to /usr/local/sbin.
I added the
2004 Apr 15
0
Restricting Access To a Workstation
My PDC is a Samba-3.0.3pre2/LDAPSAM/Redhat box. I'd like to restrict logon
access to a specific workstation to members of a given group. My initial
throught was to specify a "valid users=@group" in the globals section of an
included file (smb.conf.%m kind of thing). Only this doesn't seem to do
anything; valid users is a share only directive? Is there anyway to limit
logon
2004 Jun 21
0
samba 3.0.4 don't works with cracklib
Hi!
I've wrote to you on previous occasion but surprisingly nobody seems to have
this
problem, I don't know if it can be an error mine in the configuration files
or if it's a problem in the Samba with cracklib, well I've installed samba
3.0.4
and put in the file /etc/pam.d/samba an entry to the cracklib library but smbd
seems
to do nothing with this line, I've devel
2004 Jun 15
0
Help with cracklib
Hi! before nothing, sorry for my english, I hope you understand me.
I've a problem with the new samba 3.0.4-1.12, before I had the version 3.0.2a
with LDAP
for administrate all the users and when a samba password expired I used the
"use cracklib"
parameter for force the user to insert a strong password, well now this
parameter isn't
avaliable and I believe that must make it
2007 Jan 26
2
Bug#408557: logcheck-database: little fix for a cracklib rule
Package: logcheck-database
Severity: wishlist
Tags: patch
Please consider applying the attached patch.
Logcheck doesn't match lines like the following right now:
----
Jan 26 04:26:29 space-based cracklib: updated dictionary (read/written words: ).
----
/Armin
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'),
2001 Apr 04
2
Password Expirey
Is there anyway to expire password for windows clients with a Samba (in my case
recent alpha version)? I found a post the TNG parameter "password expire time =
10" but a "strings smbd | grep expire" didn't turn in up in the binary. Anyone
have any ideas if this is possble (I see it posted frequently to the archives,
but no answers).
Systems and Network Administrator
2009 Dec 17
2
samba password complexity help?
Hi there,
Here are the facts:
- I have samba 3.4.2-0.42.fc11 running on a Fedora 11 system.
- Samba is acting as a domain controller, no Windows server involved.
- I am using tdbsam.
- I need to enforce certain password requirements.
The password requirements are:
- min 8 characters
- expiration 90 days
- last 10 passwords may not be reused
- not a dictionary word
Per the Samba 3.2 FAQ, the
2012 Feb 14
1
questions about password complexity checking.
Hi Samba folks,
I had a couple questions about password complexity checking.
To preface, in smb.conf, we set:
check password script = /usr/local/sbin/crackcheck -d
/usr/share/cracklib/pw_dict
Also, if I understand correctly:
/usr/local/sbin/crackcheck comes from samba source rpm package.
maybe we need to compile it ourselves.
/usr/share/cracklib/pw_dict* comes from cracklib-dicts rpm
2009 Feb 22
1
Changing LDAP userPassword fails: Internal (implementation specific) error
openldap-2.3.27-8.el5_2.4,samba3-3.2.8-38
An smbpasswd by root to change a user's password fails with:
[root@littleboy samba]# smbpasswd adam
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: LDAP Password could not be changed for user adam:
Internal (implementation specific) error
password hash failed
Failed to modify entry for user adam.
Failed to modify password entry for
2004 Nov 12
1
Why %M makes two log files?
I use log.%M to get per client logs. This works but I always end up
with -
[root@littleboy root]# cd /var/log/samba
[root@littleboy samba]# ls -l log.pc01699
-rw-r--r-- 1 root root 2642617 Nov 12 07:30 log.pc01699
[root@littleboy samba]# host pc01699
pc01699.morrison.iserv.net has address 192.168.19.191
[root@littleboy samba]# host 192.168.19.191
191.19.168.192.in-addr.arpa domain
2015 Nov 03
4
ssh authentication with AD
This seems to be common thread on the list, but I'm pulling my hair out and
have to ask..
I've been following a couple of guides and using AD to authenticate users
on my linux system. These include the ubuntu guide --
https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
- https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
-
2005 Sep 15
0
Winbind trouble when on the DC
I have a situation where I want to do some authentication via ntlm_auth on my
DC. I've tested this on my test box (a domain member) and it works perfectly.
On domain member -
tor:~ # /usr/bin/ntlm_auth --username=adam --domain=BACKBONE --password=********
NT_STATUS_OK: Success (0x0)
On domain controller -
littleboy:~ # /usr/bin/ntlm_auth --username=adam --domain=BACKBONE
2015 Jul 23
1
[PATCH] appliance: exclude /usr/share/fonts and /usr/share/icons.
I also sorted the list.
Between libguestfs 1.28 and 1.30, the appliance grew from 95MB to 213MB.
Using guestmount and filelight (see link below) I could see that the
main contributor was these two directories, which should not be
necessary.
With this change, the size goes down to 119MB.
See also:
https://rwmj.wordpress.com/2015/07/23/why-has-the-libguestfs-appliance-grown-by-118-mb/
---
2015 May 27
1
check password script for samba 4 ad dc
I would like to bump my question
2015-05-27 10:21 GMT+03:00 Krutskikh Ivan <stein.hak at gmail.com>:
> Hmm, looks like it's not. I've just set the password for something that
> cracklib-check would argue using both ad management tools and at windows
> login. Should it work that way or I'm missing something?
>
> My dc's smb.conf:
>
> [global]
>
2011 Sep 12
1
How to check the password complexity in samba
Hi all, can someone give a working example for checking the password
complexity in samba?
I have tried the next one
1. Download and extract samba-3.4.15.tar.zg. Go to
samba-3.4.15/examples/auth/crackcheck and compile crackcheck
2. Copy crackcheck binary to the /usr/bin/
3. Check that the program working correctly
# /usr/bin/crackcheck -d /usr/share/cracklib/pw_dict
123
ERR - it is too short
#
2009 Feb 17
4
Howto force all users of a samba domain controller to change their password ?
Hi !
I'still running a samba domain controller on a rhel 5 machine, so it is
version samba-3.0.33-3.7.el5. Users and accounts are still stored in a ldap
database and everything works fine.
Now that my setup is complete, I'd like to
- force every user of the domain to change their password the next time they
open a session on their workstation
- be sure that the password is complex
2016 Sep 19
1
"Unable to fetch value for secret ..., are we an undetected RODC?"
On Mon, 19 Sep 2016 10:50:25 -0400
Adam Tauno Williams via samba <samba at lists.samba.org> wrote:
> On Mon, 2016-09-19 at 10:45 -0400, Adam Tauno Williams via samba
> wrote:
> > Since upgrading S4 DCs I am see the following message in log.samba -
> > The message "Unable to fetch value for secret BCKUPKEY_13bb48fc-0844
> > -4736-9972-e26453333856, are we an
2004 Sep 28
0
Réf. : Re: Re: Authenticateing DC's on an ldap backend... nobody knows how?
I know, but I want to say that samba manage machine group same as a other
group, not for Domain Users and Domain Admin group.
You can create a group for machine account but, I think that actually is
not very important for samba domain.
I can be mistaken.
-----------------------------------
St?phane PURNELLE stephane.purnelle@corman.be
Service Informatique Corman