diff options
author | Volker Lendecke <vl@samba.org> | 2009-06-20 11:46:42 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2009-06-20 12:15:21 +0200 |
commit | 62eb817c06458070d090c1698e9c0a99914c6d78 (patch) | |
tree | 548fccb93f17e823c85802b8719bb11d6011a107 | |
parent | f24e63af2c27fdb68dfe3151eac30960316157c2 (diff) | |
download | samba-62eb817c06458070d090c1698e9c0a99914c6d78.tar.gz samba-62eb817c06458070d090c1698e9c0a99914c6d78.tar.bz2 samba-62eb817c06458070d090c1698e9c0a99914c6d78.zip |
Fix setting passwords in pdb_ads
The samba4 password_hash module does not allow changing the password fields via
the "delete oldval" -> "add newval" set of modify operations, it requires a
single "replace with newval" operation.
Andrew, Samba3 by default uses that delete/add pair to detect if between
fetching the old value and storing the new one the old value has changed. This
is lost by using the "replace" operation.
Would it make sense to add this to the password_hash module?
Volker
-rw-r--r-- | source3/passdb/pdb_ads.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c index 0811082e84..4bd0b89d6d 100644 --- a/source3/passdb/pdb_ads.c +++ b/source3/passdb/pdb_ads.c @@ -258,6 +258,7 @@ static bool pdb_ads_init_ads_from_sam(struct pdb_ads_state *state, struct samu *sam) { bool ret = true; + DATA_BLOB blob; /* TODO: All fields :-) */ @@ -265,13 +266,13 @@ static bool pdb_ads_init_ads_from_sam(struct pdb_ads_state *state, existing, mem_ctx, pnum_mods, pmods, "displayName", "%s", pdb_get_fullname(sam)); - ret &= tldap_make_mod_blob( - existing, mem_ctx, pnum_mods, pmods, "unicodePwd", - data_blob_const(pdb_get_nt_passwd(sam), NT_HASH_LEN)); + blob = data_blob_const(pdb_get_nt_passwd(sam), NT_HASH_LEN); + ret &= tldap_add_mod_blobs(mem_ctx, pmods, TLDAP_MOD_REPLACE, + "unicodePwd", 1, &blob); - ret &= tldap_make_mod_blob( - existing, mem_ctx, pnum_mods, pmods, "dBCSPwd", - data_blob_const(pdb_get_lanman_passwd(sam), NT_HASH_LEN)); + blob = data_blob_const(pdb_get_lanman_passwd(sam), NT_HASH_LEN); + ret &= tldap_add_mod_blobs(mem_ctx, pmods, TLDAP_MOD_REPLACE, + "dBCSPwd", 1, &blob); ret &= tldap_make_mod_fmt( existing, mem_ctx, pnum_mods, pmods, "userAccountControl", |