FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Red Hat Linux

 
 
LinkBack Thread Tools
 
Old 08-28-2008, 02:46 PM
"Binyon, Steve CTR USAF ACC 705 CTS/ASRCC"
 
Default RHEL4 ES as a PDC and changing passwords.

Hello,
I've set up a small isolated node of systems (4 Windows 2000 and 4
RHEL-WS and 1 RHEL ES, V4 update 2). I've set up the Samba on the RHEL4
ES as a PDC and NIS master and is working great except for one thing,
changing passwords on the Windows systems doesn't seem to abide by the
cracklib rules I specified. Here is the system-auth entries for
password:

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
dcredit=-1 ucredit=-1 ocredit=-1 lcredit=0 minlen=8
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok

md5 shadow nis remember=8
password required /lib/security/$ISA/pam_deny.so

for smb.conf I use:

unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n
*ReType*new*UNIX*password* &n

passwd:*all*authentication*tokens*updated*successf ully*


In the syslog when changing the password (using a invalid password of
12345678) on the windows system is gives:

Aug26 18:55:18 mslserver rpc.yppasswdd [3205]: update steveb (uid=1010)
from host 127.0.0.1 rejected
Aug16 18:55:18 mslserver rpc.yppasswdd [3205]: invalid password
Aug26 18:55:18 mslserver passwd (pam_unix) [15011]: password not changed
for steveb on mslserver.
Aug26 18:55:18 mslserver passwd (pam_unix) [15011]: password changed for
steveb.

Windows comes back with 'Your password has been changed'. And the
password has been changed for both the Windows systems and the Linux
systems. If I change the password on a Linux system (using passwd), the
use of '123456789' will fail (too simplistic). So it appears that the
pam rules work as it should if changing the password on a linux system,
but not from a Windows system. Since Samba is using the Linux passwd to
change passwords, then I was thinking that it would fail on simplistic
passwords. Why is this not doing what I was expecting?

Smb.conf man page states that the unix password is changed first before
smbpasword, therefore if the unix password fails, then smbd will fail to
change the SMB password file.

>From the syslog, it appears that it does fail, but for some reason, it
gets changed.

How can I get this to work?

Note: These systems are not on the internet, and the above was typed in
by hand.

Thanks.

Steve

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 

Thread Tools




All times are GMT. The time now is 11:39 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org