svn commit: samba r13391 - branches/SAMBA_3_0/source/nsswitch
trunk/source/nsswitch
gd at samba.org
gd at samba.org
Wed Feb 8 11:57:39 GMT 2006
Author: gd
Date: 2006-02-08 11:57:38 +0000 (Wed, 08 Feb 2006)
New Revision: 13391
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13391
Log:
Only fall into password change when ACB_PWNOEXP is not set
(got it wrong the first time as administrator has this flag set by
default).
Guenther
Modified:
branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
trunk/source/nsswitch/pam_winbind.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2006-02-08 11:28:40 UTC (rev 13390)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2006-02-08 11:57:38 UTC (rev 13391)
@@ -419,7 +419,7 @@
/* handle the case where the auth was ok, but the password must expire right now */
/* good catch from Ralf Haferkamp: an expiry of "never" is translated to -1 */
- if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+ if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
(response.data.auth.policy.expire > 0) &&
(response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire < time(NULL))) {
@@ -436,7 +436,7 @@
}
/* warn a user if the password is about to expire soon */
- if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+ if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
(response.data.auth.policy.expire) &&
(response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire > time(NULL) ) ) {
Modified: trunk/source/nsswitch/pam_winbind.c
===================================================================
--- trunk/source/nsswitch/pam_winbind.c 2006-02-08 11:28:40 UTC (rev 13390)
+++ trunk/source/nsswitch/pam_winbind.c 2006-02-08 11:57:38 UTC (rev 13391)
@@ -419,7 +419,7 @@
/* handle the case where the auth was ok, but the password must expire right now */
/* good catch from Ralf Haferkamp: an expiry of "never" is translated to -1 */
- if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+ if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
(response.data.auth.policy.expire > 0) &&
(response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire < time(NULL))) {
@@ -436,7 +436,7 @@
}
/* warn a user if the password is about to expire soon */
- if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) &&
+ if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) &&
(response.data.auth.policy.expire) &&
(response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire > time(NULL) ) ) {
More information about the samba-cvs
mailing list