conflict between new password must change code and force uninitialized passwords

Jim McDonough jmcd at
Mon Oct 2 02:03:29 GMT 2006

On 10/1/06, Jim McDonough <jmcd at> wrote:
> I've found a conflict between the new "password must change at next logon"
> code and the forcing of "uninitialized" passwords keyed off of the
> pass_last_set_time of zero.  My suspicion is that the pass_last_set_time of
> zero was misinterpreted, but I'm going to run some vampire tests to verify
> this.  At least in the user_info_21 and _23 structures, windows uses 0 to
> mean "must change at next logon".
> So basically, right now, if you set this flag, your password will be
> cleared out.

So my latest bzr has this
changed.  I didn't change the vampire code to not clear out the passwords,
but if you agree this is the right way to treat a zero in this field, I'll
fix the vampire code too.  I'm pretty sure we just interpreted it
incorrectly before.

More information about the samba-technical mailing list