r25401: BUG 4982: Don't delete lanman hashes on invalid logins when

using the "lanman auth = no".  Tested by Guenter Kukkukk.
(This used to be commit 611fdd95a583ebd22ffa17e2f39c5a1bb0936c63)

1 files changed, 6 insertions, 4 deletions

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index eb02ad4e7d..9070de1ce4 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -294,14 +294,16 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
 	nt_status = sam_password_ok(auth_context, mem_ctx, sampass, 
 				    user_info, &user_sess_key, &lm_sess_key);
 
-	/* Notify passdb backend of login success/failure. If not NT_STATUS_OK the backend doesn't like the login */
+	/* Notify passdb backend of login success/failure. If not 
+	   NT_STATUS_OK the backend doesn't like the login */
+
 	update_login_attempts_status = pdb_update_login_attempts(sampass, NT_STATUS_IS_OK(nt_status));
-	if (!NT_STATUS_IS_OK(update_login_attempts_status))
-		nt_status = update_login_attempts_status;
 
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && 
-		    pdb_get_acct_ctrl(sampass) &ACB_NORMAL) {  
+		    pdb_get_acct_ctrl(sampass) &ACB_NORMAL &&
+		    NT_STATUS_IS_OK(update_login_attempts_status)) 
+		{  
 			pdb_increment_bad_password_count(sampass);
 			updated_badpw = True;
 		} else {