similar to: Sarbanes-Oxley headaches

Hi Jerry, I'v got FC4 with the development version of samba (3.0.20-2) I still have these debug_lookup_classname(ads): Unknown class and debug_lookup_classname(rpc): Unknown class errors. winbind aswell as smbd and nmbd are reporting this same error. Any ideas? Thanx Lars Dam Amity Networks & Training Boerhaaveweg 21 3401 MN IJsselstein Telefoon: 030-6021710 Fax: 030-6090957

Hi, After lots of struggle and rtfm I finally got most things running, except for 'nmblookup' and 'net getlocalsid' on the BDC. I'm not new to Samba, but plenty more to learn. Here's the setup in summary: system pdc is the PDC on subnet 192.168.0.0, running SuSE10.1, LDAP master, wins server, domain master browser, no iptables; system bdc is the BDC on subnet 192.168.2.0,

Hi team, Is there a way to grab Kerberos specific log entries? Example: /Auth: [Kerberos KDC,ENC-TS Pre-authentication] user.../ I have tried using the kerberos class but nothing was logged when I specified a path. This is what I have on my smb.conf. /[global] ??????? log level = 1 kerberos:2@/var/log/samba/kerberos.log auth_audit:3@/var/log/samba/audit.log

Hello all- I'm looking to tweak password settings for my domain but have a few question regarding the settings under "samba-tool domain passwordsettings show". While I found some settings were documented on the wiki (https://wiki.samba.org/index.php/Password_Settings_Objects), I did not find answers to a few questions I had. If "maximum password age (days)" is set to

First of all, I want to say I have been using Samba AD for two years now (since just before 4.0 went stable), and it is an amazing product. We've implemented Active Directory & Group Policy for almost 50 computers and 100 users. Unfortunately, we are now being forced into switching to Windows DCs because Samba does not have an account lockout feature. Citrix (stupidly) does not have

Hi, im trying to setup a password policy with samba and openldap. while lockout works perfect on openldap it looks like it does not work with my samba. Ive set "sambaLockoutThreshold" to 3 and "sambaLockoutDuration" to -1 (lockout forever) within the Domain-Object in LDAP. So i expect whenever a windows user does 3 false logon attemps his samba account will be LOCKED

Hello, I have a samba 4.1.5. I have created OUs and linked GPO to OU for account lockout policies. Account Lockout Duration: 15min Account Lockout Threshold: 5 invalid attempts Reset Account lockout counter after: 15min I have created a test account and logged in with an incorrect password more than 5 times to a machine. but the test account never locks and the computer never prompts me that

I recently am migrating my PDC from NT4 to Samba 3.025. Apparently due to a mismatch between the capitalization of the Windows account and the Unix account (Administrator vs administrator) I managed to lock the account before catching the discrepenacy. # pdbedit -v administrator Unix username: Administrator NT username: Administrator Account Flags: [ULX Bad password count

Hi everybody, I think i need a samba guru to solve this issue, because googling for months did not help and the problem is becoming pressing. I'm facing an annoying problem with samba. In detail, there is something wrong with the password handling. It happens from windows, mac or linux clients. Randomly (probably after $num days), the system asks to the user to change the password. After the

When a user tries logging in and enters the wrong password a few times in a row, their account becomes disabled. Is there a way to prevent this behavior? I couldn't find anything in the smb.conf man page about it. Alternatively, could we use a preexec script to just re-enable all accounts when there's a logon attempt? Or does that script only get executed after a user is authenticated?

Hi! I have one question about passwordsettings in Samba 4: My configuration: S.O. : Ubuntu 16.04 Samba Version:  4.7.7 -- samba-tool domain passwordsettings show Password complexity: on Store plaintext passwords: off Password history length: 24 Minimum password length: 7 Minimum password age (days): 0 Maximum password age (days): 180 Account lockout duration (mins): 30 Account lockout

The release notes indicate support for bad password lockout policy starting with version 3.0.3 but I can't figure out how to enable it. I didn't see anything in the docs about turning it on. I also tried looking through all the options by using swat in advanced mode. How do I enable bad password lockout policy?

Hey All, I am testing PSO password policies and am having trouble getting the Maximum password age to be enforced. I have a test policy applied to a group and it does enforce complexity and Minimum password length but not the Maximum password age. Anyone using this setting for PSO's? Samba version 4.10.0-Ubuntu Password information for PSO 'TESTpolicy' Precedence (lowest is

Hope this isn't too far OT, but its relevant to us. From isn.attrition.org >http://www.informationweek.com/story/showArticle.jhtml?articleID=20300851 > >By W. David Gardner >TechWeb News >May 13, 2004 > >As voice over IP sweeps across the high-tech landscape, many IT >managers are being lulled into a dangerous complacency because they >look upon Internet phoning

Quoting Joseph Tam <jtam.home at gmail.com>: > Another privacy plugin that assumes the server operator is unmotivated or > respects your privacy anyways, and won't just skim your password right off > the top to look at your mail. A vault with steel walls and a dirt floor. *SIGH* As usual, you're right on the money, Joseph. I used to let things like this

Hello James, Even after setting the rfc2307 in smb.conf replication error continues and password change error continues. Error thrown while forcing replication is shown below. ------------------------------------------------------------------- Even after setting RFC, DC2 is not getting synced from DC1. Connection time out error comes. #samba-tool drs replicate DC2.KTKBANKLTD.COM

Greetings! Is there any way to to lockout a certain machine identified by its ip address after a fix number of bad logon attempts? I'm aware of account policy option "bad lockout attempts" but that would block the whole account and not just the machine. Have a sunny day! Ferdinand

Hello, I'm trying to use the vcd package to analyze survey data. Expert judges ranked possible features for product packaging. Seven features were listed, and 19 judges split between 2 cities ranked them. The following code (1) works, but the side-by-side plots for Cities PX, SF are shrunk too much. Stacking PX on top of SF would make for a better plot. (I could switch the order of

Hello, I believe there may be a bug with accounts getting erroneously locked in v4.4.5+. I've checked at all the Internet facing services to find the source of account lockout and I've done packet captures at the DCs, but I cannot find the source of lockout. I've got several accounts locking out for seemingly no reason including some service accounts where the passwords

Hi all, My boss is still questioning me for an answer. I've searched thru this archive thru the beginning of the year as well as searched thru Google, but still haven't found the answer to the this question.. Is there a way in Samba to automatically disable/lockout an account if the user has tried to signon more than a set number incorrectly? As an example: if JDOE tries to sign into