The exop password change branch

Matthias Dieter Wallnöfer mdw at
Thu Nov 18 03:46:03 MST 2010

Hi abartlet,

Andrew Bartlett wrote:
> Matthias,
> I thought you asked me recently to look at your extended password change
> operation code, so I've looked over your 'exop' branch, and I have so
> say, the code looks pretty good (and somehow simpler than I imagined).
> I would however like to comment on a few things, to make it even better:
> While it's great to have the extended op in the same module as the rest
> of the password changes, it does mean that we go down the stack, then
> back up again.  I wonder if it might be better to have a new module at
> the top of the stack, so the process is clearer.
Well, but there aren't so many modules, which implement extended 
operations - therefore this shouldn't take too long. And I think this 
really belongs in the "password_hash" module - well it's my personal 
point of view.
> The patch should also allow administrative password changes, where just
> like on unicodePwd, the admin does not need to specify the old password.
Probably you are right. Will look again into the code.
> I couldn't find the ASN.1 code, which I think you were trying to ask me
> (somewhere - I can't remember where) to look over.  Can you point me at
> it?  I think this will be one of our first extended operations to be
> decoded in the LDAP server, so you may need to set up some
> infrastructure :-)
The issue is that I really do understand nothing about ASN.1. Therefore 
it would be great if someone could take over this part or give me some 
tight instructions.


More information about the samba-technical mailing list