modifyTimestamp on samba-3.0.3
Jim McDonough
jmcd at us.ibm.com
Thu May 6 11:27:32 GMT 2004
>We cannot remove the \"modifyTimestamop\" from atrrib_map_v30[], because
this
>attribute list will be used in ldapsam_getsampwnam to get the ldap entry
>which is used in init_sam_from_ldap. If an attribute is not in that entry,
>the call ldap_get_values will fail. This is why the bad_password_count
didn\'t
>work on 3.0.3, in which the ldapsam_get_entry_timestamp will always fail.
I haven't yet verified that this is the source of your problems, but the
patch you included breaks all systems where you don't have "ldap delete dn
= yes", because we will try to delete all the attributes rather than the
entire dn, and you can _never_ delete an operation attribute.
This patch as submitted must not be included until the code is modified to
handle not deleting certain attributes.
----------------------------
Jim McDonough
IBM Linux Technology Center
Samba Team
6 Minuteman Drive
Scarborough, ME 04074
USA
jmcd at us.ibm.com
jmcd at samba.org
Phone: (207) 885-5565
IBM tie-line: 776-9984
More information about the samba-technical
mailing list