diff options
| author | Jim McDonough <jmcd@samba.org> | 2006-10-03 17:14:18 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:15:06 -0500 |
| commit | dc1f0804dd8177d3c3a0b2db993855d5679e9565 (patch) | |
| tree | 9893078628f8963ca854411001cd3c7fdcff998d /source3/auth/auth_sam.c | |
| parent | b96aae779bdbd96677aef58d205282605046a8a6 (diff) | |
| download | samba-dc1f0804dd8177d3c3a0b2db993855d5679e9565.tar.gz samba-dc1f0804dd8177d3c3a0b2db993855d5679e9565.tar.bz2 samba-dc1f0804dd8177d3c3a0b2db993855d5679e9565.zip | |
r19058: Implement "user cannot change password", and complete "user must change
password at next logon" code. The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it. The "can change" and "must change" times are now calculated
based on the "last set" time and policies.
We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero). Based on this, we set the password-can-change bit in the
faked secdesc.
(This used to be commit 21abbeaee9b7f7cff1d34d048463c30cda44a2e3)
Diffstat (limited to 'source3/auth/auth_sam.c')
| -rw-r--r-- | source3/auth/auth_sam.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index ec405dd2be..847315ef88 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -168,7 +168,7 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx, time_t last_set_time = pdb_get_pass_last_set_time(sampass); /* check for immediate expiry "must change at next logon" */ - if (must_change_time == 0 && last_set_time != 0) { + if (last_set_time == 0) { DEBUG(1,("sam_account_ok: Account for user '%s' password must change!.\n", pdb_get_username(sampass))); return NT_STATUS_PASSWORD_MUST_CHANGE; } |