kerberos auth account restrictions
James Peach
jpeach at samba.org
Wed Jun 13 18:04:03 GMT 2007
hi all,
In check_sam_security(), we check whether the account is locked out
like this:
/* see if autolock flag needs to be updated */
if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL)
pdb_update_autolock_flag(sampass, &updated_autolock);
/* Quit if the account was locked out. */
if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) {
DEBUG(3,("check_sam_security: Account for user %s was locked out.\n",
pdb_get_username(sampass)));
return NT_STATUS_ACCOUNT_LOCKED_OUT;
}
Is there a good reason that we don't do this for Kerberos auth in
reply_spnego_kerberos()?
--
James Peach | jpeach at samba.org
More information about the samba-technical
mailing list