[Patch] myldap-pub.py
Lukasz Zalewski
lukas at dcs.qmul.ac.uk
Fri Aug 27 09:42:25 MDT 2010
On 08/20/2010 08:46 PM, Lukasz Zalewski wrote:
> On 20/08/2010 17:06, Matthias Dieter Wallnöfer wrote:
>> Hi Lukasz,
>>
>> Lukasz Zalewski wrote:
>>> Hi Matthias,
>>> On 08/20/2010 06:55 AM, Matthias Dieter Wallnöfer wrote:
>>> Yup the account is non-functional, but what confused me was it didn't
>>> have the diabled account flag set. So my question is shall the script
>>> explicitly set disabled flag if no hashes are present (or no NT has is
>>> present) or shall we leave it as it is
>> Well, I would suggest it since at least Windows Server allows accounts
>> without passwords only with the disabled flag (you cannot enable an
>> account without any password). On the other hand s4 doesn't implement
>> this check yet, I think. So it' up to you what you prefer.
> Ok i will set account disabled flag on user account if NTLM hash is
> missing.
>>> The script is intended to import hashes, rather than plain texp pwds
>>> (or no passwords) so i believe metze's way is the only way ;)
>> Yeah, please do that.
>>
>> Matthias
> Luk
Matthias, Metze, all
Now if unicodePwd element is missing account automatically has disabled
flag set. This only applies to users at the moment.
Patch attached
Regards
Luk
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: myldap-pub-2.ldif
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100827/3e948755/attachment.ksh>
More information about the samba-technical
mailing list