[SCM] Samba Shared Repository - branch master updated
Matthias Dieter Wallnöfer
mdw at samba.org
Tue Jul 6 13:54:54 MDT 2010
The branch, master has been updated
via 502bddf... s4:new_partition LDB module - fix an uninitalised variable warning
via b03040c... s4:SAMR rpc server - "SetUserInfo" - fix the implementation of the expire flag
via 7f15ca4... s4:SAMR rpc server - "QueryUserInfo" - send back the password expired flag on level 21
via 9c81357... s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is "-1" we shouldn't force a password change
from 293d3eb... s3-selftest: add "make testenv" target to Makefile.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 502bddf7676b8061a877e7c83b647a64963c3efe
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Tue Jul 6 17:51:00 2010 +0200
s4:new_partition LDB module - fix an uninitalised variable warning
> [ 651/1946] Compiling dsdb/samdb/ldb_modules/new_partition.c
> ../dsdb/samdb/ldb_modules/new_partition.c: In function 'new_partition_add':
> ../dsdb/samdb/ldb_modules/new_partition.c:195: warning: 'down_req' may be used uninitialized in this function
The "down_req" variable isn't used anymore.
commit b03040c5a903e24a8216b9245f2925eb2205cd67
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Jul 5 17:42:40 2010 +0200
s4:SAMR rpc server - "SetUserInfo" - fix the implementation of the expire flag
It has to consider the "password_expires" flag to known if the "pwdLastSet" has
to be updated or to be resetted.
commit 7f15ca4427ae07520a457fa8f19991f6e350205b
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Jul 5 15:54:21 2010 +0200
s4:SAMR rpc server - "QueryUserInfo" - send back the password expired flag on level 21
Taken from the s3 server code
commit 9c8135785ad7b2bee4a0d37470dc37fed04a6516
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Jul 5 16:55:50 2010 +0200
s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is "-1" we shouldn't force a password change
This value is set by the ADUC console.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/common/util.c | 12 ++++++--
source4/dsdb/samdb/ldb_modules/new_partition.c | 3 +-
source4/rpc_server/samr/dcesrv_samr.c | 32 +++++++++++++++++++++---
3 files changed, 38 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 80736b1..d248038 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -520,8 +520,10 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
struct ldb_dn *domain_dn,
struct ldb_message *msg)
{
- uint64_t attr_time = samdb_result_uint64(msg, "pwdLastSet", 0);
- uint32_t userAccountControl = samdb_result_uint64(msg, "userAccountControl", 0);
+ int64_t attr_time = samdb_result_int64(msg, "pwdLastSet", 0);
+ uint32_t userAccountControl = ldb_msg_find_attr_as_uint(msg,
+ "userAccountControl",
+ 0);
int64_t maxPwdAge;
/* Machine accounts don't expire, and there is a flag for 'no expiry' */
@@ -533,8 +535,12 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
if (attr_time == 0) {
return 0;
}
+ if (attr_time == -1) {
+ return 0x7FFFFFFFFFFFFFFFULL;
+ }
- maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn, "maxPwdAge", NULL);
+ maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn,
+ "maxPwdAge", NULL);
if (maxPwdAge == 0) {
return 0x7FFFFFFFFFFFFFFFULL;
} else {
diff --git a/source4/dsdb/samdb/ldb_modules/new_partition.c b/source4/dsdb/samdb/ldb_modules/new_partition.c
index 63c9200..a6102d6 100644
--- a/source4/dsdb/samdb/ldb_modules/new_partition.c
+++ b/source4/dsdb/samdb/ldb_modules/new_partition.c
@@ -135,7 +135,6 @@ static int np_part_search_callback(struct ldb_request *req, struct ldb_reply *ar
static int new_partition_add(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb;
- struct ldb_request *down_req;
struct np_context *ac;
int ret;
@@ -192,7 +191,7 @@ static int new_partition_add(struct ldb_module *module, struct ldb_request *req)
}
/* go on with the call chain */
- return ldb_next_request(module, down_req);
+ return ldb_next_request(module, req);
}
_PUBLIC_ const struct ldb_module_ops ldb_new_partition_module_ops = {
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 882bf3f..cca828a 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -3063,10 +3063,15 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
QUERY_RID (msg, info21.rid, "objectSid");
QUERY_UINT (msg, info21.primary_gid, "primaryGroupID");
QUERY_AFLAGS(msg, info21.acct_flags, "userAccountControl");
- info->info21.fields_present = 0x00FFFFFF;
+ info->info21.fields_present = 0x08FFFFFF;
QUERY_LHOURS(msg, info21.logon_hours, "logonHours");
QUERY_UINT (msg, info21.bad_password_count, "badPwdCount");
QUERY_UINT (msg, info21.logon_count, "logonCount");
+ if ((info->info21.acct_flags & ACB_PW_EXPIRED) != 0) {
+ info->info21.password_expired = PASS_MUST_CHANGE_AT_NEXT_LOGON;
+ } else {
+ info->info21.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON;
+ }
QUERY_UINT (msg, info21.country_code, "countryCode");
QUERY_UINT (msg, info21.code_page, "codePage");
break;
@@ -3276,9 +3281,16 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
}
}
+
IFSET(SAMR_FIELD_EXPIRED_FLAG) {
+ NTTIME t = 0;
struct ldb_message_element *set_el;
- if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg, "pwdLastSet", 0) != LDB_SUCCESS) {
+ if (r->in.info->info21.password_expired
+ == PASS_DONT_CHANGE_AT_NEXT_LOGON) {
+ unix_to_nt_time(&t, time(NULL));
+ }
+ if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
+ "pwdLastSet", t) != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
set_el = ldb_msg_find_element(msg, "pwdLastSet");
@@ -3358,8 +3370,14 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
}
IFSET(SAMR_FIELD_EXPIRED_FLAG) {
+ NTTIME t = 0;
struct ldb_message_element *set_el;
- if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg, "pwdLastSet", 0) != LDB_SUCCESS) {
+ if (r->in.info->info23.info.password_expired
+ == PASS_DONT_CHANGE_AT_NEXT_LOGON) {
+ unix_to_nt_time(&t, time(NULL));
+ }
+ if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
+ "pwdLastSet", t) != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
set_el = ldb_msg_find_element(msg, "pwdLastSet");
@@ -3460,8 +3478,14 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
}
IFSET(SAMR_FIELD_EXPIRED_FLAG) {
+ NTTIME t = 0;
struct ldb_message_element *set_el;
- if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg, "pwdLastSet", 0) != LDB_SUCCESS) {
+ if (r->in.info->info25.info.password_expired
+ == PASS_DONT_CHANGE_AT_NEXT_LOGON) {
+ unix_to_nt_time(&t, time(NULL));
+ }
+ if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
+ "pwdLastSet", t) != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
set_el = ldb_msg_find_element(msg, "pwdLastSet");
--
Samba Shared Repository
More information about the samba-cvs
mailing list