similar to: Howto force all users of a samba domain controller to change their password ?

Hi all, can someone give a working example for checking the password complexity in samba? I have tried the next one 1. Download and extract samba-3.4.15.tar.zg. Go to samba-3.4.15/examples/auth/crackcheck and compile crackcheck 2. Copy crackcheck binary to the /usr/bin/ 3. Check that the program working correctly # /usr/bin/crackcheck -d /usr/share/cracklib/pw_dict 123 ERR - it is too short #

Hi there, Here are the facts: - I have samba 3.4.2-0.42.fc11 running on a Fedora 11 system. - Samba is acting as a domain controller, no Windows server involved. - I am using tdbsam. - I need to enforce certain password requirements. The password requirements are: - min 8 characters - expiration 90 days - last 10 passwords may not be reused - not a dictionary word Per the Samba 3.2 FAQ, the

Hi Samba folks, I had a couple questions about password complexity checking. To preface, in smb.conf, we set: check password script = /usr/local/sbin/crackcheck -d /usr/share/cracklib/pw_dict Also, if I understand correctly: /usr/local/sbin/crackcheck comes from samba source rpm package. maybe we need to compile it ourselves. /usr/share/cracklib/pw_dict* comes from cracklib-dicts rpm

I'm testing Samba 3.0.3pre2 and am particularly interested in the new --with-cracklib support. I see the configuration directive to enable cracklib functionality in the changelog, but am curious if anyone has any additional documentation. The man pages, etc... appear not to be updated yet. Is there any mechanism for 'tweaking' the password strenth rules, as there is with

Hello, I would like to enforce some level of password complexity when users change their password. I have a Samba PDC running on Debian set to sync Unix passwords. I'm trying to get Samba to work with cracklib, but it isn't going well. Here is what I've tried: Installed libpam-cracklib, compiled examples/auth/crackcheck and copied the binary to /usr/local/sbin. I added the

I also sorted the list. Between libguestfs 1.28 and 1.30, the appliance grew from 95MB to 213MB. Using guestmount and filelight (see link below) I could see that the main contributor was these two directories, which should not be necessary. With this change, the size goes down to 119MB. See also: https://rwmj.wordpress.com/2015/07/23/why-has-the-libguestfs-appliance-grown-by-118-mb/ ---

I would like to bump my question 2015-05-27 10:21 GMT+03:00 Krutskikh Ivan <stein.hak at gmail.com>: > Hmm, looks like it's not. I've just set the password for something that > cracklib-check would argue using both ad management tools and at windows > login. Should it work that way or I'm missing something? > > My dc's smb.conf: > > [global] >

This seems to be common thread on the list, but I'm pulling my hair out and have to ask.. I've been following a couple of guides and using AD to authenticate users on my linux system. These include the ubuntu guide -- https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto - https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member -

Package: logcheck-database Severity: wishlist Tags: patch Please consider applying the attached patch. Logcheck doesn't match lines like the following right now: ---- Jan 26 04:26:29 space-based cracklib: updated dictionary (read/written words: ). ---- /Armin -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'),

Rowland Penny schrieb am 28.03.2015 00:15: > I installed jessie in a vm to test it, seeing as how sernet hasn't got > round to releasing 4.2 packages yet and then Peter posted that he had > got 4.2 running on jessie. I would love to know how he did this ? Oh. I am a pretty newbie on this field. Maybe that helped... First I install the basic system including LXDE. On the problem

Hallo, we run a Redhat samba 3.5.4 PDC with openldap 2.4 as user/passwordbackend. The ldap also contains the posix information for the users to login to some web/mail/etc. servers. I'm faced with the task to implement a 'both worlds' compatible paswword sync process regarding complexity etc. For the posix account password we use a webfrontend, configure to use pam/cracklib checks

Hi to all ! I'm confronted to the following problem : I have a Linux box (SuSE 6.4 running kernel 2.2.14 & smb 2.0.7). I have configured smb to be the master for domain named essaismb. When I connect to this domain from a windows 98 box, it works fine. However, all the PC that are in my firm are not (yet) configured to connect to this domain. At that moment, they connect to a win NT 4.0

Hi all, If I try yum grouplist "FTP Server" I get the next large output: Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: OpenIPMI x86_64

Hi ! I hope that someone will be abble to help me with the problem I get with my samba machines, though it is not really a samba problem. Here is the config I use : I'm running a samba controler on a rhel 5 machine (rpm -qa says samba-3.0.33-3.7.el5) which acts as a domain controler. My machines, all windows XP use to be connected to this controler. I have no problem with them. The problem

Hello, I've got problems with my fresh install of samba. Here is the background : We have an old machine on which I installed samba, release 3.0.9. It ran a linux from scratch system, but I was not well documented about samba at the time I did this install, so here is how we used to use it. The users accounts were both created in the system (/etc/password) and for samba (smbpasswd). All

Hello, To harden security, I've modified the smbldap-passwd script so that it update sambaPwdMustChange, sambaKickoffTime and shadowExpire fields; also, a simple script notifying users with expiration date approaching has been set up. I have also added a call to cracklib to check password strength prior to applying it. It all works well, but the task it to force users to use unique password

Brings the size of the appliance down to 95 MB [xz-compressed], which is the same as for libguestfs 1.28. --- appliance/excludefiles.in | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/appliance/excludefiles.in b/appliance/excludefiles.in index d3c66cc..574c828 100644 --- a/appliance/excludefiles.in +++ b/appliance/excludefiles.in @@ -22,6 +22,11 @@ dnl The right kernel modules are added

Greetings ... A quick question more to confirm a few things reguarding SMB passwords, which I hope might be able to look at for password aging. I saw some discussion on samba-tech list, but nothing conclusive. LM and NT hashs don't have a salt? Do they? ... In other words, a password "password" LM hashed, always comes out as "E52CAC67419A9A224A3B108F3FA6CB6D" not

Hello ! I've the following problem on my samba+ldap installation : The samba server (version 3.0.28-1.el5_2.1) is running on a machine named luke. The ldap server runs on a machine named anakin. Both of them seems to be setup correctly, since I can log in on the samba domain, but when I try to get an entry from the ldap database using the pdbedit command on luke, I get the following :

Here we go again: Hi all. Most of you already know about my problems (well, my computer?s problems ;-) ), since we?ve been discussing on the forum. Hughesjr recommended me to post here, so let?s see, I have my faith on you I have a dedicated server with RH9 that I upgraded to CentOS 3.4 . Everything ok, but after the first yum upgrade and reboot I get this when I try to do a yum update: