[SCM] Samba Shared Repository - branch v3-2-test updated -
release-3-2-0pre2-336-gf65cb5d
Günther Deschner
gd at samba.org
Thu Mar 20 22:21:15 GMT 2008
The branch, v3-2-test has been updated
via f65cb5d4b51e2e7b9b16b73e47cd2a8d55d5d4b0 (commit)
from 008c4bdbe5de064b4469fc1f7c7173290f35b3ef (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit f65cb5d4b51e2e7b9b16b73e47cd2a8d55d5d4b0
Author: Volker Lendecke <vl at samba.org>
Date: Thu Mar 20 21:58:39 2008 +0100
A level 25 setuserinfo does change the pwdlastset
-----------------------------------------------------------------------
Summary of changes:
source/rpc_server/srv_samr_nt.c | 28 ++++++++++++++++++++++------
1 files changed, 22 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c
index f38a8fc..eeb3e40 100644
--- a/source/rpc_server/srv_samr_nt.c
+++ b/source/rpc_server/srv_samr_nt.c
@@ -3863,7 +3863,8 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx,
set_user_info_pw
********************************************************************/
-static bool set_user_info_pw(uint8 *pass, struct samu *pwd)
+static bool set_user_info_pw(uint8 *pass, struct samu *pwd,
+ int level)
{
uint32 len = 0;
char *plaintext_buf = NULL;
@@ -3925,8 +3926,20 @@ static bool set_user_info_pw(uint8 *pass, struct samu *pwd)
memset(plaintext_buf, '\0', strlen(plaintext_buf));
- /* restore last set time as this is an admin change, not a user pw change */
- pdb_set_pass_last_set_time (pwd, last_set_time, last_set_state);
+ /*
+ * A level 25 change does reset the pwdlastset field, a level 24
+ * change does not. I know this is probably not the full story, but
+ * it is needed to make XP join LDAP correctly, without it the later
+ * auth2 check can fail with PWD_MUST_CHANGE.
+ */
+ if (level != 25) {
+ /*
+ * restore last set time as this is an admin change, not a
+ * user pw change
+ */
+ pdb_set_pass_last_set_time (pwd, last_set_time,
+ last_set_state);
+ }
DEBUG(5,("set_user_info_pw: pdb_update_pwd()\n"));
@@ -4147,7 +4160,8 @@ static NTSTATUS samr_SetUserInfo_internal(const char *fn_name,
dump_data(100, info->info24.password.data, 516);
- if (!set_user_info_pw(info->info24.password.data, pwd)) {
+ if (!set_user_info_pw(info->info24.password.data, pwd,
+ switch_value)) {
status = NT_STATUS_ACCESS_DENIED;
}
break;
@@ -4166,7 +4180,8 @@ static NTSTATUS samr_SetUserInfo_internal(const char *fn_name,
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
- if (!set_user_info_pw(info->info25.password.data, pwd)) {
+ if (!set_user_info_pw(info->info25.password.data, pwd,
+ switch_value)) {
status = NT_STATUS_ACCESS_DENIED;
}
break;
@@ -4180,7 +4195,8 @@ static NTSTATUS samr_SetUserInfo_internal(const char *fn_name,
dump_data(100, info->info26.password.data, 516);
- if (!set_user_info_pw(info->info26.password.data, pwd)) {
+ if (!set_user_info_pw(info->info26.password.data, pwd,
+ switch_value)) {
status = NT_STATUS_ACCESS_DENIED;
}
break;
--
Samba Shared Repository
More information about the samba-cvs
mailing list