sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-29 15:42:04 +03:00
Code Activity

s4-s3-upgrade: Max/min password age policy is in seconds, not days

Browse Source 
This cases upgraded domains to have a too-long password expiry, which in extreme
cases can cause the KDC to misfunction.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun May  6 14:49:39 CEST 2012 on sn-devel-104
This commit is contained in:
Andrew Bartlett
2012-05-06 16:41:18 +10:00
parent db11c1b120
commit c2b094ffbc
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
source4/scripting/python/samba/upgrade.py
View File

@ -60,7 +60,7 @@ def import_sam_policy(samdb, policy, logger):
ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength') ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength')
min_pw_age_unix = policy['minimum password age'] min_pw_age_unix = policy['minimum password age']
min_pw_age_nt = int(-min_pw_age_unix * (1e7 * 60 * 60 * 24)) min_pw_age_nt = int(-min_pw_age_unix * (1e7))
m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE, m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE,
'minPwdAge') 'minPwdAge')
@ -68,7 +68,7 @@ def import_sam_policy(samdb, policy, logger):
if max_pw_age_unix == -1 or max_pw_age_unix == 0: if max_pw_age_unix == -1 or max_pw_age_unix == 0:
max_pw_age_nt = -0x8000000000000000 max_pw_age_nt = -0x8000000000000000
else: else:
max_pw_age_nt = int(-max_pw_age_unix * (1e7 * 60 * 60 * 24)) max_pw_age_nt = int(-max_pw_age_unix * (1e7))
m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE, m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE,
'maxPwdAge') 'maxPwdAge')