diff options
author | Jim McDonough <jmcd@samba.org> | 2004-03-18 19:22:51 +0000 |
---|---|---|
committer | Jim McDonough <jmcd@samba.org> | 2004-03-18 19:22:51 +0000 |
commit | 357998ddbdeb2fae0a30c578e747154fec22c180 (patch) | |
tree | e1d3c687163e603256b60dad9d56333bdc70e5c4 /source3/lib | |
parent | 5d40499b9f46aff4a70aeda0b8b3b147d2d69c2a (diff) | |
download | samba-357998ddbdeb2fae0a30c578e747154fec22c180.tar.gz samba-357998ddbdeb2fae0a30c578e747154fec22c180.tar.bz2 samba-357998ddbdeb2fae0a30c578e747154fec22c180.zip |
Password lockout for LDAP backend. Caches autolock flag, bad count, and
bad time locally, updating the directory only for hitting the policy limit
or resetting.
This needed to be done at the passdb level rather than auth, because some
of the functions need to be supported from tools such as pdbedit. It was
done at the LDAP backend level instead of generically after discussion,
because of the complexity of inserting it at a higher level.
The login cache read/write/delete is outside of the ldap backend, so it could
easily be called by other backends. tdbsam won't call it for obvious
reasons, and authors of other backends need to decide if they want to
implement it.
(This used to be commit 2a679cbc87a2a9111e9e6cdebbb62dec0ab3a0c0)
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/smbldap.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 2c76e84254..18979e2f76 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -100,6 +100,7 @@ ATTRIB_MAP_ENTRY attrib_map_v30[] = { { LDAP_ATTR_MUNGED_DIAL, "sambaMungedDial" }, { LDAP_ATTR_BAD_PASSWORD_COUNT, "sambaBadPasswordCount" }, { LDAP_ATTR_BAD_PASSWORD_TIME, "sambaBadPasswordTime" }, + { LDAP_ATTR_MOD_TIMESTAMP, "modifyTimestamp" }, { LDAP_ATTR_LIST_END, NULL } }; @@ -1394,3 +1395,4 @@ char *smbldap_get_dn(LDAP *ld, LDAPMessage *entry) ldap_memfree(utf8_dn); return unix_dn; } + |