[patch] migration of additional user attributes

Andrew Bartlett abartlet at samba.org
Sat Oct 30 00:01:40 GMT 2004

On Fri, 2004-10-29 at 03:53, Lars MÜLLER wrote:
> Hi,
> the attached patch tries to migrate several informations available in
> SAM_ACCOUNT_INFO which are not yet propageted to SAM_ACCOUNT.
> bad_pwd_count is stored as bad_password_count
> logon_count as logon_count
> acct_expiry_time is new to SAM_ACCOUNT.

How does it differ from the kickoff time?

> sam_account_ok() returns with NT_STATUS_ACCOUNT_EXPIRED if the account
> is expired.
> If delta->pwd_expired is set I manipulate must_change_time and
> last_set_time to trigger a NT_STATUS_PASSWORD_MUST_CHANGE from a call to
> sam_account_ok() for this user.
> Unfortunately I can't test this as I currently happily only have Linux
> boxes available.  But it compiles and links without additional warnings.

Well, you will need to find that friendly DC :-)

> I'm not sure if this is the right approach or if I'm completely wrong.
> But if this is the right direction I'll try to add logon_hours next.

It looks pretty much how it should be, except that I suspect the
nt_time_is_zero stuff might really be dependent on separate flags, and
the zeros are just initialisation.  (that's how it is in SAMR)

Andrew Bartlett

Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20041030/8ebef278/attachment.bin

More information about the samba-technical mailing list