summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2009-06-20 11:46:42 +0200
committerVolker Lendecke <vl@samba.org>2009-06-20 12:15:21 +0200
commit62eb817c06458070d090c1698e9c0a99914c6d78 (patch)
tree548fccb93f17e823c85802b8719bb11d6011a107
parentf24e63af2c27fdb68dfe3151eac30960316157c2 (diff)
downloadsamba-62eb817c06458070d090c1698e9c0a99914c6d78.tar.gz
samba-62eb817c06458070d090c1698e9c0a99914c6d78.tar.bz2
samba-62eb817c06458070d090c1698e9c0a99914c6d78.zip
Fix setting passwords in pdb_ads
The samba4 password_hash module does not allow changing the password fields via the "delete oldval" -> "add newval" set of modify operations, it requires a single "replace with newval" operation. Andrew, Samba3 by default uses that delete/add pair to detect if between fetching the old value and storing the new one the old value has changed. This is lost by using the "replace" operation. Would it make sense to add this to the password_hash module? Volker
-rw-r--r--source3/passdb/pdb_ads.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c
index 0811082e84..4bd0b89d6d 100644
--- a/source3/passdb/pdb_ads.c
+++ b/source3/passdb/pdb_ads.c
@@ -258,6 +258,7 @@ static bool pdb_ads_init_ads_from_sam(struct pdb_ads_state *state,
struct samu *sam)
{
bool ret = true;
+ DATA_BLOB blob;
/* TODO: All fields :-) */
@@ -265,13 +266,13 @@ static bool pdb_ads_init_ads_from_sam(struct pdb_ads_state *state,
existing, mem_ctx, pnum_mods, pmods, "displayName",
"%s", pdb_get_fullname(sam));
- ret &= tldap_make_mod_blob(
- existing, mem_ctx, pnum_mods, pmods, "unicodePwd",
- data_blob_const(pdb_get_nt_passwd(sam), NT_HASH_LEN));
+ blob = data_blob_const(pdb_get_nt_passwd(sam), NT_HASH_LEN);
+ ret &= tldap_add_mod_blobs(mem_ctx, pmods, TLDAP_MOD_REPLACE,
+ "unicodePwd", 1, &blob);
- ret &= tldap_make_mod_blob(
- existing, mem_ctx, pnum_mods, pmods, "dBCSPwd",
- data_blob_const(pdb_get_lanman_passwd(sam), NT_HASH_LEN));
+ blob = data_blob_const(pdb_get_lanman_passwd(sam), NT_HASH_LEN);
+ ret &= tldap_add_mod_blobs(mem_ctx, pmods, TLDAP_MOD_REPLACE,
+ "dBCSPwd", 1, &blob);
ret &= tldap_make_mod_fmt(
existing, mem_ctx, pnum_mods, pmods, "userAccountControl",