Re: [Samba] logline of account becoming NT_STATUS_ACCOUNT_LOCKED_OUT
- Date: Sun, 03 Dec 2017 08:47:17 +1300
- From: Andrew Bartlett via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] logline of account becoming NT_STATUS_ACCOUNT_LOCKED_OUT
On Sat, 2017-12-02 at 20:21 +0100, mj wrote:
> Hi Andrew,
> On 12/02/2017 07:20 PM, Andrew Bartlett via samba wrote:
> > I'm sorry, but while we do log it, the news isn't good.
> > DEBUG(5, ("Locked out user %s after %d wrong passwords\n",
> > ldb_dn_get_linearized(user_msg->dn), badPwdCount));
> > That will show up with level 5 globally.
> Ok, patches are difficult now, as we've sponsored quite a lot this year.
> But would it also be an idea to move this to a (much) lower log level?
> Perhaps even at 1 or 2?
Sure, and it (and a lot of other messages) needs to be in the auth
logging context, either with
#define DBGC_CLASS DBGC_AUTH
at the top of the file, or by using:
where it is mixed with other things.
Could you have a go with at least this much, even if you can't move it
into the auth_audit stuff where it belongs?
Of course I could write all the patches, but in asking that you have a
go with the patches I'm looking to spread the load a little, and you
have the need and the real-world test.
> Locking accounts is such a *major* event, and log level 5 is SO high...
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
To unsubscribe from this list go to the following URL and read the