On Wednesday, November 27, 2002, at 11:51 AM, [EMAIL PROTECTED] wrote:
It seems to me that this thread is in some ways related to the one I started about being able to disable an account after a configurable number of unsuccessful login attempts. Both items are really related to the system security policies. It seems to me that these are items that should be considered for implementation in Samba itself, as there is really nowhere else in the system to do so. Especially since PAM is insufficient to handle the job. I must say that I know of no NT/2000 option to allow only login from one client PC, although I recall Netware having such an option.

You need to store a record in a tdb somewhere that the user has logged on so that another smbd running on the same PDC can check at logon time. I suggest adding records to the sessions tdb.
I only started using PAM in order to meet a security policy requirement that all user passwords must be changed every 60 days. On NT/2000, password expiration, logon attempts before account lockout, and so on are all configured as part of the local (or domain) security policy. Maybe just in the system policy on NT.
Given the growing presence of Samba in the large enterprise, with more and more companies becoming security conscious as time goes forward, we are going to hit these types of issues more and more.
It seems that the only way to really implement these types of restrictions is in Samba itself. What is needed is an examination of the various security policies that can be set up in an NT/2000 Server environment, so that a list of such items that are appropriate to a Samba environment can be built. In a pure Samba environment - i.e. no LDAP backend, just smbpasswd for storing account information - some extension to the smbpasswd structure could be used to track these things. Or as someone suggested, store them in a tdb.
By doing this, the Samba security policy does really become disjointed from the underlying Unix security system on the Samba server. But then again, with encrypted passwords in place, it seems that we are already ignoring policies on PAM enabled systems (due to PAM's insufficiencies)...
I would be willing to review the security options available on both Windows NT Server and Windows 2000 Server, as I have both at my disposal. I would be glad to help in this effort in any way I can, including documentation and code.
--
Jim Morris ([EMAIL PROTECTED])
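The three policy items discussed in this message (lockout after N failed logons, a 60-day password age, and allowing a user to be logged on from only one client PC, checked through a record that every smbd on the PDC can see) can be sketched in a few lines. The following is an added example written for this page; it is not Samba code and does not use the real tdb API. An in-memory SQLite database stands in for the shared sessions tdb, and the policy values, the user names and the client names are constructed for the demonstration.

```python
import sqlite3

# Constructed policy values for the demonstration (not Samba's defaults).
MAX_FAILED_LOGONS = 5          # lock the account after this many consecutive failures
LOCKOUT_SECONDS = 15 * 60      # how long the lockout lasts
MAX_PASSWORD_AGE = 60 * 86400  # passwords older than 60 days are expired


class PolicyStore:
    """Shared record store standing in for a tdb that every smbd on the PDC opens.

    Two tables: per-account policy state (failed-attempt counter, lockout
    expiry, time the password was set) and an active-session table that lets
    one smbd see that another smbd already has the user logged on.
    """

    def __init__(self, path=":memory:"):
        # On a real server every smbd would open the same file; ":memory:"
        # keeps the example self-contained (hypothetical stand-in for a tdb).
        self.db = sqlite3.connect(path)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS accounts ("
            "user TEXT PRIMARY KEY, pw_set INTEGER, "
            "failed INTEGER NOT NULL DEFAULT 0, locked_until INTEGER NOT NULL DEFAULT 0)"
        )
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS sessions ("
            "user TEXT PRIMARY KEY, client TEXT NOT NULL, since INTEGER NOT NULL)"
        )

    def add_user(self, user, pw_set):
        """Register an account; pw_set is the epoch time the password was last set."""
        self.db.execute(
            "INSERT OR REPLACE INTO accounts (user, pw_set) VALUES (?, ?)", (user, pw_set)
        )

    def logon(self, user, client, password_ok, now):
        """Apply the policy checks in order and return (allowed, reason).

        password_ok is the result of the password check done elsewhere;
        now is the epoch time of the logon attempt.
        """
        row = self.db.execute(
            "SELECT pw_set, failed, locked_until FROM accounts WHERE user = ?", (user,)
        ).fetchone()
        if row is None:
            return (False, "no such account")
        pw_set, failed, locked_until = row

        # 1. A locked account is refused before the password is even counted.
        if locked_until > now:
            return (False, "account locked")

        # 2. Count the failure; lock once the configured limit is reached.
        if not password_ok:
            failed += 1
            if failed >= MAX_FAILED_LOGONS:
                locked_until = now + LOCKOUT_SECONDS
            self.db.execute(
                "UPDATE accounts SET failed = ?, locked_until = ? WHERE user = ?",
                (failed, locked_until, user),
            )
            return (False, "bad password")

        # 3. Password age policy (the 60-day rule from the message).
        if now - pw_set > MAX_PASSWORD_AGE:
            return (False, "password expired")

        # 4. One client per user: another smbd may already hold a session.
        sess = self.db.execute(
            "SELECT client FROM sessions WHERE user = ?", (user,)
        ).fetchone()
        if sess is not None and sess[0] != client:
            return (False, "already logged on from " + sess[0])

        # Record (or refresh) the session and clear the failure state.
        self.db.execute(
            "INSERT OR REPLACE INTO sessions (user, client, since) VALUES (?, ?, ?)",
            (user, client, now),
        )
        self.db.execute(
            "UPDATE accounts SET failed = 0, locked_until = 0 WHERE user = ?", (user,)
        )
        return (True, "ok")

    def logoff(self, user):
        """Remove the session record so the user may log on from another client."""
        self.db.execute("DELETE FROM sessions WHERE user = ?", (user,))
```

The order of the checks is the part worth noticing: the lockout test runs before the password result is consulted, so guesses made against a locked account neither reveal anything nor extend the counter, and the session table is consulted only after the password and age checks pass, so a rejected attempt never disturbs the existing session. The failure counter here is only cleared by a successful logon; NT additionally resets it after an observation window, which a real implementation would want to add.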
