bad password count and ldap problems
Richard Renard
rrenard at idealx.com
Mon May 17 19:25:23 GMT 2004
Hi list,
I have some troubles with bad password count and openldap (2.0.23,
debian woody). The problem is that the bad password count is never
updated when a wrong password is given.
I found out that there is a query for "modifyTimestamp" in
init_sam_from_ldap() but this field is never retrieved when the query
for user attributes is done.
That makes the function return and the bad_password_count is never
updated more than one (in my case it always stayed to 1 in login_cache.tdb).
Here is a fix that works for me.
Richard.
--
Richard Renard
rrenard at idealx.com
-------------- next part --------------
diff -ruN samba-3.0.4.orig/source/include/smbldap.h samba-3.0.4/source/include/smbldap.h
--- samba-3.0.4.orig/source/include/smbldap.h 2004-04-20 22:42:57.000000000 +0200
+++ samba-3.0.4/source/include/smbldap.h 2004-05-17 18:46:27.000000000 +0200
@@ -93,6 +93,7 @@
#define LDAP_ATTR_LOGON_COUNT 36
#define LDAP_ATTR_MUNGED_DIAL 37
#define LDAP_ATTR_BAD_PASSWORD_TIME 38
+#define LDAP_ATTR_MODIFY_TIMESTAMP 39
#define LDAP_ATTR_SID_LIST 40
diff -ruN samba-3.0.4.orig/source/lib/smbldap.c samba-3.0.4/source/lib/smbldap.c
--- samba-3.0.4.orig/source/lib/smbldap.c 2004-04-20 22:42:55.000000000 +0200
+++ samba-3.0.4/source/lib/smbldap.c 2004-05-17 18:24:09.000000000 +0200
@@ -100,6 +100,7 @@
{ LDAP_ATTR_MUNGED_DIAL, "sambaMungedDial" },
{ LDAP_ATTR_BAD_PASSWORD_COUNT, "sambaBadPasswordCount" },
{ LDAP_ATTR_BAD_PASSWORD_TIME, "sambaBadPasswordTime" },
+ { LDAP_ATTR_MODIFY_TIMESTAMP, "modifyTimestamp" },
{ LDAP_ATTR_LIST_END, NULL }
};
More information about the samba-technical
mailing list