sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-09 08:58:35 +03:00
Code

Don't reset password last set time just because the expired flag

Browse Source 
is set to 0.  If the account wasn't expired but autolocked,
using "net user /dom <username> /active:y" would clear this,
incorrectly setting the current time as the new "password last set"
time.
(This used to be commit 0f292d70f698b8ae885005b5704a96476e876571)
This commit is contained in:
Jim McDonough 2008-06-09 11:45:39 -04:00
parent b76f967300
commit 13b2f59383
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
source3/rpc_server/srv_samr_util.c
View File

@ -339,7 +339,15 @@ void copy_id21_to_sam_passwd(const char *log_prefix,
if (from->password_expired == PASS_MUST_CHANGE_AT_NEXT_LOGON) {
pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
} else {
pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
/* A subtlety here: some windows commands will
clear the expired flag even though it's not
set, and we don't want to reset the time
in these caess. "net user /dom <user> /active:y"
for example, to clear an autolocked acct.
We must check to see if it's expired first. jmcd */
stored_time = pdb_get_pass_last_set_time(to);
if (stored_time == 0)
pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
}
}
}