[PATCH] Active Directory account locked when using winbind refresh tickets
David Mulder
dmulder at suse.com
Wed Nov 23 18:19:31 UTC 2016
Hi all,
I'm new working on the SUSE Samba team. I've attached a patch here, and
also posted a pull request at https://github.com/samba-team/samba. Which
(if any?) is the preferred why to submit patches?
This is to resolve an issue where user accounts get locked out due to
winbind refreshing tickets using cached passwords (after the password
has been modified, but the wrong password is still cached).
It's my opinion that the password kinit should be disabled by default.
Does anyone disagree?
I suspect I may need to add a check to krb5_ticket_gain_handler() also.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bug_12443.patch
Type: text/x-patch
Size: 2368 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20161123/724fb706/bug_12443.bin>
More information about the samba-technical
mailing list