sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code

s4:auth/sam: only reset badPwdCount when the effetive value is not 0 already

Browse Source 
Non interactive logons doesn't reset badPwdCount to 0
when the effective badPwdCount is already 0
(with (badPasswordTime + lockOutObservationWindows) < now).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher 2016-02-03 19:33:51 +01:00 committed by Andrew Bartlett
parent a35a5e9022
commit 1acd477960
1 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
source4/auth/sam.c
View File

@ -810,19 +810,25 @@ NTSTATUS authsam_logon_success_accounting(struct ldb_context *sam_ctx,
NTTIME lastLogonTimestamp;
NTTIME lastLogon;
mem_ctx = talloc_new(msg);
if (mem_ctx == NULL) {
return NT_STATUS_NO_MEMORY;
}
lockoutTime = ldb_msg_find_attr_as_int64(msg, "lockoutTime", 0);
badPwdCount = ldb_msg_find_attr_as_int(msg, "badPwdCount", 0);
lastLogonTimestamp = \
if (interactive_or_kerberos) {
badPwdCount = ldb_msg_find_attr_as_int(msg, "badPwdCount", 0);
} else {
badPwdCount = samdb_result_effective_badPwdCount(sam_ctx, mem_ctx,
domain_dn, msg);
}
lastLogonTimestamp =
ldb_msg_find_attr_as_int64(msg, "lastLogonTimestamp", 0);
lastLogon = ldb_msg_find_attr_as_int64(msg, "lastLogon", 0);
DEBUG(5, ("lastLogonTimestamp is %lld\n",
(long long int)lastLogonTimestamp));
mem_ctx = talloc_new(msg);
if (mem_ctx == NULL) {
return NT_STATUS_NO_MEMORY;
}
msg_mod = ldb_msg_new(mem_ctx);
if (msg_mod == NULL) {
TALLOC_FREE(mem_ctx);