On Sat, 2003-10-04 at 00:42, Adam Williams wrote: > > I currently use unix passwd sync = yes to accomplish this in 2.2.8. The > > option still appears to be available in 3.0.0. You can specify a custom > > script with passwd program and passwd chat in smb.conf which will check > > the password's strength. This program must return successful before > > samba will change the samba password, effectively checking password > > strength. > > True, this works. But it doesn't provide the user with a very helpful > error message when the password can't change because the chat script > refused it. Samba 3.x.x's password change error messages are really > helpful and reduce alot of support calls for us - like it says you can't > reuse one of your past 24 passwords if you enter one, etc... (based upon > your site policies of course). > > Maybe we can have a fund raiser or send pizza for cracklib support?!
There was a patch to properly implement this - with a call-out to an arbitrary external script etc. However, it never quite made it, and I settled on the quick hack I had implemented earlier in the year... The problems with this quick hack are: - Need to manually add LIBS=-lcrack (ie: LIBS=-lcrack ./configure ....) - It calls getuid() and getpwnam() to get details on the current user, but the uid is root at this point. - CrackLib is licenced under the Artistic Licence, which is not compatible with the GPL. That all said, it does actually work :-) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
