Hello, To harden security, I've modified the smbldap-passwd script so that it update sambaPwdMustChange, sambaKickoffTime and shadowExpire fields; also, a simple script notifying users with expiration date approaching has been set up.
I have also added a call to cracklib to check password strength prior to applying it. It all works well, but the task it to force users to use unique password every time they have to change it. A typical scenario I must prevent is this: user change the password for anything temporary, then changes it back to the one it used (or to a password slightly different from the one having been used). Could someone suggest an existing tool to integrate into smbldap-passwd to prevent using similar or the same passwords? I can store password hashes somewhere, but it won't prevent me from the problem when passwords differ just a little. Any suggestions? Thanks in advance! Sincerely, Konstantin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
