summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorJim McDonough <jmcd@samba.org>2004-03-18 19:22:51 +0000
committerJim McDonough <jmcd@samba.org>2004-03-18 19:22:51 +0000
commit357998ddbdeb2fae0a30c578e747154fec22c180 (patch)
treee1d3c687163e603256b60dad9d56333bdc70e5c4 /source3/lib
parent5d40499b9f46aff4a70aeda0b8b3b147d2d69c2a (diff)
downloadsamba-357998ddbdeb2fae0a30c578e747154fec22c180.tar.gz
samba-357998ddbdeb2fae0a30c578e747154fec22c180.tar.bz2
samba-357998ddbdeb2fae0a30c578e747154fec22c180.zip
Password lockout for LDAP backend. Caches autolock flag, bad count, and
bad time locally, updating the directory only for hitting the policy limit or resetting. This needed to be done at the passdb level rather than auth, because some of the functions need to be supported from tools such as pdbedit. It was done at the LDAP backend level instead of generically after discussion, because of the complexity of inserting it at a higher level. The login cache read/write/delete is outside of the ldap backend, so it could easily be called by other backends. tdbsam won't call it for obvious reasons, and authors of other backends need to decide if they want to implement it. (This used to be commit 2a679cbc87a2a9111e9e6cdebbb62dec0ab3a0c0)
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/smbldap.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 2c76e84254..18979e2f76 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -100,6 +100,7 @@ ATTRIB_MAP_ENTRY attrib_map_v30[] = {
{ LDAP_ATTR_MUNGED_DIAL, "sambaMungedDial" },
{ LDAP_ATTR_BAD_PASSWORD_COUNT, "sambaBadPasswordCount" },
{ LDAP_ATTR_BAD_PASSWORD_TIME, "sambaBadPasswordTime" },
+ { LDAP_ATTR_MOD_TIMESTAMP, "modifyTimestamp" },
{ LDAP_ATTR_LIST_END, NULL }
};
@@ -1394,3 +1395,4 @@ char *smbldap_get_dn(LDAP *ld, LDAPMessage *entry)
ldap_memfree(utf8_dn);
return unix_dn;
}
+