[SCM] Samba Shared Repository - branch v3-0-test updated -
release-3-0-29-32-gc2e96cf
Jim McDonough
jmcd at samba.org
Mon Jun 9 15:37:57 GMT 2008
The branch, v3-0-test has been updated
via c2e96cf6c32a646cdcf803144f115680690e15a8 (commit)
from c51dc21e651849f373ea8059381c83f41d99ecac (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test
- Log -----------------------------------------------------------------
commit c2e96cf6c32a646cdcf803144f115680690e15a8
Author: Jim McDonough <jmcd at samba.org>
Date: Mon Jun 9 11:36:39 2008 -0400
Don't reset password last set time just because the expired flag
is set to 0. If the account wasn't expired but autolocked,
using "net user /dom <username> /active:y" would clear this,
incorrectly setting the current time as the new "password last set"
time.
-----------------------------------------------------------------------
Summary of changes:
source/rpc_server/srv_samr_util.c | 30 +++++++++++++++++++++++++++---
1 files changed, 27 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_server/srv_samr_util.c b/source/rpc_server/srv_samr_util.c
index 42ad462..d22952b 100644
--- a/source/rpc_server/srv_samr_util.c
+++ b/source/rpc_server/srv_samr_util.c
@@ -278,7 +278,15 @@ void copy_id21_to_sam_passwd(struct samu *to, SAM_USER_INFO_21 *from)
if (from->passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) {
pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
} else {
- pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
+ /* A subtlety here: some windows commands will
+ clear the expired flag even though it's not
+ set, and we don't want to reset the time
+ in these caess. "net user /dom <user> /active:y"
+ for example, to clear an autolocked acct.
+ We must check to see if it's expired first. jmcd */
+ stored_time = pdb_get_pass_last_set_time(to);
+ if (stored_time == 0)
+ pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
}
}
@@ -492,7 +500,15 @@ void copy_id23_to_sam_passwd(struct samu *to, SAM_USER_INFO_23 *from)
if (from->passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) {
pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
} else {
- pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
+ /* A subtlety here: some windows commands will
+ clear the expired flag even though it's not
+ set, and we don't want to reset the time
+ in these caess. "net user /dom <user> /active:y"
+ for example, to clear an autolocked acct.
+ We must check to see if it's expired first. jmcd */
+ stored_time = pdb_get_pass_last_set_time(to);
+ if (stored_time == 0)
+ pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
}
}
@@ -710,7 +726,15 @@ void copy_id25_to_sam_passwd(struct samu *to, SAM_USER_INFO_25 *from)
if (from->passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) {
pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
} else {
- pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
+ /* A subtlety here: some windows commands will
+ clear the expired flag even though it's not
+ set, and we don't want to reset the time
+ in these caess. "net user /dom <user> /active:y"
+ for example, to clear an autolocked acct.
+ We must check to see if it's expired first. jmcd */
+ stored_time = pdb_get_pass_last_set_time(to);
+ if (stored_time == 0)
+ pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
}
}
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list