similar to: Information about password complexity for users

Hello, I want to use crackcheck to check password complexity, but users (when password change failed because of complexity check fail) gets only information about valid password length, password history. I think that may be a problem for users. How can I (or Can I?) give them information about expected complexity. I'm almost sure that with NT PDC they would get information about

Hi everyone, I am using crackcheck to enforce password complexity requirements on my PDC.? Windows obeys these password requirements, but the dialog box that pops up doesn't display the correct information.? This posting describes the same issue: http://lists.samba.org/archive/samba/2007-May/131795.html However, I'm not trying to change the message completely -- I just want it to

Hi there, Here are the facts: - I have samba 3.4.2-0.42.fc11 running on a Fedora 11 system. - Samba is acting as a domain controller, no Windows server involved. - I am using tdbsam. - I need to enforce certain password requirements. The password requirements are: - min 8 characters - expiration 90 days - last 10 passwords may not be reused - not a dictionary word Per the Samba 3.2 FAQ, the

Hi Samba folks, I had a couple questions about password complexity checking. To preface, in smb.conf, we set: check password script = /usr/local/sbin/crackcheck -d /usr/share/cracklib/pw_dict Also, if I understand correctly: /usr/local/sbin/crackcheck comes from samba source rpm package. maybe we need to compile it ourselves. /usr/share/cracklib/pw_dict* comes from cracklib-dicts rpm

Hi all, can someone give a working example for checking the password complexity in samba? I have tried the next one 1. Download and extract samba-3.4.15.tar.zg. Go to samba-3.4.15/examples/auth/crackcheck and compile crackcheck 2. Copy crackcheck binary to the /usr/bin/ 3. Check that the program working correctly # /usr/bin/crackcheck -d /usr/share/cracklib/pw_dict 123 ERR - it is too short #

I'm setting up password complexity requirements on our Samba server, using the "check password script" option, the provided crackcheck.c program, and the "min password length" account policy. Everything works; however, the error message that a Windows client gets when a new password fails to pass crackcheck is not terribly helpful: "Your password must be at least 8

Hello, I'm using samba 3.0.24 and Debian 4.0. As a password backend I use smbpasswd. I set password policy: Length - 8 signs, Password history - 3, password complexity - script, maximum password age - 30 days The "password length" and complexity works, but "password history" and "maximum password age" doesn't. I tried do the same on test machine

I would like to understand how the "check password script" interacts with enabling/disabling password complexity checks. That is: if I configure     check password script = /usr/local/samba/sbin/crackcheck -d /var/cache/cracklib/cracklib_dict is this called *in addition* to the default complexity checking, or instead of it? And if I set     samba-tool domain passwordsettings set

On Thu, 21 Jun 2018 09:55:59 +0200 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > > AFAI've understood 'samba-tool domain passwordsettings' set domain > password settings, while the GPO equivalent settings is for the client > (windows client and server os). > > Currently i've enabled password complexity checks server side: > > root at

AFAI've understood 'samba-tool domain passwordsettings' set domain password settings, while the GPO equivalent settings is for the client (windows client and server os). Currently i've enabled password complexity checks server side: root at vdcsv1:~# samba-tool domain passwordsettings show Password informations for domain 'DC=ad,DC=fvg,DC=lnf,DC=it' Password

Hi all, I'm quite new to all this, so please go easy on me if I don't quite seem to say the right things. (any advice is good advice) I have a 3.0.14a-debian samba install, with ldap auth using pam_unix (see smb.conf below) We want to implement a few password checks for complexity, so I have written a pretty basic script (see below) which definitely exits 0 on a good password

Hallo, we run a Redhat samba 3.5.4 PDC with openldap 2.4 as user/passwordbackend. The ldap also contains the posix information for the users to login to some web/mail/etc. servers. I'm faced with the task to implement a 'both worlds' compatible paswword sync process regarding complexity etc. For the posix account password we use a webfrontend, configure to use pam/cracklib checks

Hello, I would like to enforce some level of password complexity when users change their password. I have a Samba PDC running on Debian set to sync Unix passwords. I'm trying to get Samba to work with cracklib, but it isn't going well. Here is what I've tried: Installed libpam-cracklib, compiled examples/auth/crackcheck and copied the binary to /usr/local/sbin. I added the

We had problems removing password complexity, and I noticed a lot of confusion on the list about exactly this topic. So I thought I would post our success. We're talking about a Samba4 PDC/AD here. Once we got Samba installed and provisioned, we used samba-tool from the command-line on the Samba box to change the domain password settings: sudo samba-tool domain passwordsettings set

On Thu, 21 Jun 2018 12:39:06 +0200 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! Rowland Penny via samba > In chel di` si favelave... > > > > But my question really is: why this policy apply, if i've not > > > enabled in GPO? > > Probably because GPOs have no effect on a Samba AD DC, they will > > only effect Windows

Mandi! Rowland Penny via samba In chel di` si favelave... > It doesn't have to contain punctuation: Ahem, i've write 'punctuation' but i meant 'Non-alphanumeric characters'. Sorry. > So, as I am sure you can see, 'kaaPxvqEXW' only passes the first two. > It contains uppercase and lowercase, but neither numbers or punctuation. Exactly i supposed.

Hi, I've got samba3 on ubuntu 12 up and running with one exception. I try to get password complexity working to no avail. I understood I needed crackcheck, which in turn needed to be compiled. I downloaded the samba-doc package, and tried to compile crackcheck with a simple make, but all it returns is failure with the following error: crackcheck.c:6:19: fatal error: crack.h: No such file

Mandi! Rowland Penny via samba In chel di` si favelave... > > But my question really is: why this policy apply, if i've not enabled > > in GPO? > Probably because GPOs have no effect on a Samba AD DC, they will only > effect Windows clients. Rowland, i'm speaking about windows clients, not samba servers! I've enabled 'complexity checks' in samba servers,

Marc, I'm using Samba 4.1.15 compiled from tar on Ubuntu 12.04 server. Win 7 64-bit Pro Workstation. samba-tool domain passwordsettings show Password informations for domain 'DC=domain,DC=local' Password complexity: on Store plaintext passwords: off Password history length: 24 Minimum password length: 7 Minimum password age (days): 1 Maximum password age (days): 90 I attempted 3

Hello James, Am 27.01.2015 um 19:23 schrieb James: > This happens to me as well. Over several different versions of Samba. > It's a minor nuisance on my end. Basically the following > > * User is prompted to change password > * User types old password along with new password twice. > * User is prompted with the error message 'unable to change password. >