[PATCH] LastLogon and LastLogonTimestamp
Ralph Boehme
rb at sernet.de
Mon Dec 14 11:03:25 UTC 2015
On Thu, Dec 03, 2015 at 11:48:03AM +0100, Ralph Boehme wrote:
> On Thu, Dec 03, 2015 at 06:03:02PM +1300, Garming Sam wrote:
> > Attached the this mail are some patches originally written by Douglas
> > Bagnall (who is currently off and about) to implement the lastLogonTimestamp
> > attribute. In addition, some further tests were added to the password
> > lockout tests to check the update of lastLogon and lastLogonTimestamp.
> > Douglas had them running and passing against 2012R2.
> >
> > I tidied them up slightly from Douglas, but they're otherwise unchanged.
> > Hopefully they are self-explanatory enough and well commented from Douglas'
> > analysis of the behaviour.
> >
> > Please review and push.
>
> nice work! Looking at it closely...
besides a few nit-picks all reviewed-by-me. Attached is a patch with
some minor fixups.
-Ralph
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de,mailto:kontakt@sernet.de
-------------- next part --------------
From 2e46300fda497da21b6dedda6472e20672b86210 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Thu, 10 Dec 2015 18:06:56 +0100
Subject: [PATCH] FIXUP: auth: keep track of lastLogon and lastLogonTimestamp
Some minor fixes, can be squashed into commit:
auth: keep track of lastLogon and lastLogonTimestamp
- make authsam_update_lastlogon_timestamp() static
- remove escape sequences from DEBUG messages
- remove a commented out argument in a call to self._check_account()
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source4/auth/sam.c | 6 +++---
source4/dsdb/tests/python/password_lockout.py | 1 -
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 77f5bea..9ca6fa2 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -692,7 +692,7 @@ NTSTATUS authsam_update_bad_pwd_count(struct ldb_context *sam_ctx,
return NT_STATUS_OK;
}
-NTSTATUS authsam_update_lastlogon_timestamp(struct ldb_context *sam_ctx,
+static NTSTATUS authsam_update_lastlogon_timestamp(struct ldb_context *sam_ctx,
struct ldb_message *msg_mod,
struct ldb_dn *domain_dn,
NTTIME old_timestamp,
@@ -774,7 +774,7 @@ NTSTATUS authsam_update_lastlogon_timestamp(struct ldb_context *sam_ctx,
/* then what? */
} else if (old_timestamp < now - sync_interval_nt){
- DEBUG(5, ("\033[01;31m updating lastLogonTimestamp to %lld\033[00m\n",
+ DEBUG(5, ("updating lastLogonTimestamp to %lld\n",
(long long int)now));
/* The time has come to update lastLogonTimestamp */
@@ -815,7 +815,7 @@ NTSTATUS authsam_logon_success_accounting(struct ldb_context *sam_ctx,
ldb_msg_find_attr_as_int64(msg, "lastLogonTimestamp", 0);
lastLogon = ldb_msg_find_attr_as_int64(msg, "lastLogon", 0);
- DEBUG(5, ("\033[01;32m lastLogonTimestamp is %lld\033[00m\n",
+ DEBUG(5, ("lastLogonTimestamp is %lld\n",
(long long int)lastLogonTimestamp));
mem_ctx = talloc_new(msg);
diff --git a/source4/dsdb/tests/python/password_lockout.py b/source4/dsdb/tests/python/password_lockout.py
index 3972dec..e6badbc 100755
--- a/source4/dsdb/tests/python/password_lockout.py
+++ b/source4/dsdb/tests/python/password_lockout.py
@@ -1380,7 +1380,6 @@ unicodePwd:: """ + base64.b64encode("\"thatsAcomplPASS2\"".encode('utf-16-le'))
badPasswordTime=("greater", badPasswordTime),
lastLogon=lastLogon,
lastLogonTimestamp=lastLogonTimestamp,
- #lastLogonTimestamp=firstLogon,
userAccountControl=
dsdb.UF_NORMAL_ACCOUNT,
msDSUserAccountControlComputed=0,
--
2.5.0
More information about the samba-technical
mailing list