svn commit: samba r13391 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch

gd at samba.org gd at samba.org
Wed Feb 8 11:57:39 GMT 2006


Author: gd
Date: 2006-02-08 11:57:38 +0000 (Wed, 08 Feb 2006)
New Revision: 13391

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13391

Log:
Only fall into password change when ACB_PWNOEXP is not set 

(got it wrong the first time as administrator has this flag set by
default).

Guenther

Modified:
   branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
   trunk/source/nsswitch/pam_winbind.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c	2006-02-08 11:28:40 UTC (rev 13390)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c	2006-02-08 11:57:38 UTC (rev 13391)
@@ -419,7 +419,7 @@
 
 	/* handle the case where the auth was ok, but the password must expire right now */
 	/* good catch from Ralf Haferkamp: an expiry of "never" is translated to -1 */
-	if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+	if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
 	    (response.data.auth.policy.expire > 0) && 
 	    (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire < time(NULL))) {
 
@@ -436,7 +436,7 @@
 	}
 
 	/* warn a user if the password is about to expire soon */
-	if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+	if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
 	    (response.data.auth.policy.expire) && 
 	    (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire > time(NULL) ) ) {
 

Modified: trunk/source/nsswitch/pam_winbind.c
===================================================================
--- trunk/source/nsswitch/pam_winbind.c	2006-02-08 11:28:40 UTC (rev 13390)
+++ trunk/source/nsswitch/pam_winbind.c	2006-02-08 11:57:38 UTC (rev 13391)
@@ -419,7 +419,7 @@
 
 	/* handle the case where the auth was ok, but the password must expire right now */
 	/* good catch from Ralf Haferkamp: an expiry of "never" is translated to -1 */
-	if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+	if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
 	    (response.data.auth.policy.expire > 0) && 
 	    (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire < time(NULL))) {
 
@@ -436,7 +436,7 @@
 	}
 
 	/* warn a user if the password is about to expire soon */
-	if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+	if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
 	    (response.data.auth.policy.expire) && 
 	    (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire > time(NULL) ) ) {
 



More information about the samba-cvs mailing list