summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd_nss.h
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2007-02-22 13:35:01 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:18:08 -0500
commit9684e353a16cd18424f5b35a5d84ae3c2a03ae70 (patch)
treef254fcf8660eb7988d1b1f58168f1fbd7df7f81a /source3/nsswitch/winbindd_nss.h
parentca229b0980b5c78f140180db764b3229d5ccb078 (diff)
downloadsamba-9684e353a16cd18424f5b35a5d84ae3c2a03ae70.tar.gz
samba-9684e353a16cd18424f5b35a5d84ae3c2a03ae70.tar.bz2
samba-9684e353a16cd18424f5b35a5d84ae3c2a03ae70.zip
r21500: Fix inappropriate creation of a krb5 ticket refreshing event when a user
changed a password via pam_chauthtok. Only do this if a) a user logs on using an expired password (or a password that needs to be changed immediately) or b) the user itself changes his password. Also make sure to delete the in-memory krb5 credential cache (when a user did not request a FILE based cred cache). Finally honor the krb5 settings in the first pam authentication in the chauthtok block (PAM_PRELIM_CHECK). This circumvents confusion when NTLM samlogon authentication is still possible with the old password after the password has been already changed (on w2k3 sp1 dcs). Guenther (This used to be commit c3005c48cd86bc1dd17fab80da05c2d34071b872)
Diffstat (limited to 'source3/nsswitch/winbindd_nss.h')
0 files changed, 0 insertions, 0 deletions