12691 – Account lockout threshold not working correctly

Bug 12691 - Account lockout threshold not working correctly

Summary: Account lockout threshold not working correctly

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	4.4.5
Hardware:	x64 Linux

Importance:	P5 major (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-03-15 14:45 UTC by trenta
Modified:	2019-09-06 08:29 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description trenta 2017-03-15 14:45:42 UTC

Hi,

I have detected that with samba 4.4.5 Account lockout threshold (attempts) is not working correctly.

If you configure Account lockout threshold (attempts): 5, and then you try to login with incorrect password, It seems that badPwdCount is not correct, this attribute increase with every incorrect password 2, from 0, 2 ,4 and 5 and then account is locked at third attempt and not 5.

then If you configure 10, account is locked at 5 attempt (0, 2, 4, 6, 8, 10)

Samba used is 4.4.5 and compiled from sources


Anybody can help?

Thanks

Comment 1 Stefan Metzmacher 2019-07-31 13:05:13 UTC

In my recent tests on bug #14054 I that it works fine in current releases

Comment 2 trenta 2019-09-06 08:29:57 UTC

Confirmed with 4.10.7 and samba-tool domain passwordsettings set --account-lockout-threshold=5

now conts correctly, with 4.4.5 was failing and now works