On Fri, 2013-01-11 at 22:54 -0500, Chris Stoneburner wrote: > First off, I apologize if this is a duplicate - I had some issues with > the first email I tried to join this list with! > > I'm currently using samba4 as an AD DC (domain and forest are both > configured with the samba-tool command to be at the 2008_R2 functional > level) for both Windows and Linux systems. I've got the default > password settings set using the "samba-tool domain passwordsettings" > command and I have all the GPOs configured as I need them for clients. > However, I would like to configure how the account lockout functions > for the domain accounts. I read in the archive for this list that > there isn't currently support for server side GPOs, so I'm not certain > how to configure this, or if its even possible.
> My question with respect to samba is two fold: is it even POSSIBLE to > have samba detect multiple failed login attempts to a domain account > (e.g., the default domain administrator) and "lock" the account once a > certain threshold has been reached and if so how is that configured? No, this is not yet implemented in the AD DC. Sorry, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba