summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorJim McDonough <jmcd@samba.org>2008-06-09 11:45:39 -0400
committerJim McDonough <jmcd@samba.org>2008-06-09 11:49:29 -0400
commit13b2f59383c117033605df77935a67c7cc1c8da1 (patch)
tree1228d986ed003d4f2cdbc4aae41870722e69a1a3 /source3/rpc_server
parentb76f9673004e2337d459de85d78c85544b8bcdef (diff)
downloadsamba-13b2f59383c117033605df77935a67c7cc1c8da1.tar.gz
samba-13b2f59383c117033605df77935a67c7cc1c8da1.tar.bz2
samba-13b2f59383c117033605df77935a67c7cc1c8da1.zip
Don't reset password last set time just because the expired flag
is set to 0. If the account wasn't expired but autolocked, using "net user /dom <username> /active:y" would clear this, incorrectly setting the current time as the new "password last set" time. (This used to be commit 0f292d70f698b8ae885005b5704a96476e876571)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_samr_util.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c
index 74daf46e84..ef588aed1a 100644
--- a/source3/rpc_server/srv_samr_util.c
+++ b/source3/rpc_server/srv_samr_util.c
@@ -339,7 +339,15 @@ void copy_id21_to_sam_passwd(const char *log_prefix,
if (from->password_expired == PASS_MUST_CHANGE_AT_NEXT_LOGON) {
pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
} else {
- pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
+ /* A subtlety here: some windows commands will
+ clear the expired flag even though it's not
+ set, and we don't want to reset the time
+ in these caess. "net user /dom <user> /active:y"
+ for example, to clear an autolocked acct.
+ We must check to see if it's expired first. jmcd */
+ stored_time = pdb_get_pass_last_set_time(to);
+ if (stored_time == 0)
+ pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
}
}
}