diff options
author | Jim McDonough <jmcd@samba.org> | 2008-06-09 11:45:39 -0400 |
---|---|---|
committer | Jim McDonough <jmcd@samba.org> | 2008-06-09 11:49:29 -0400 |
commit | 13b2f59383c117033605df77935a67c7cc1c8da1 (patch) | |
tree | 1228d986ed003d4f2cdbc4aae41870722e69a1a3 /source3/rpc_server | |
parent | b76f9673004e2337d459de85d78c85544b8bcdef (diff) | |
download | samba-13b2f59383c117033605df77935a67c7cc1c8da1.tar.gz samba-13b2f59383c117033605df77935a67c7cc1c8da1.tar.bz2 samba-13b2f59383c117033605df77935a67c7cc1c8da1.zip |
Don't reset password last set time just because the expired flag
is set to 0. If the account wasn't expired but autolocked,
using "net user /dom <username> /active:y" would clear this,
incorrectly setting the current time as the new "password last set"
time.
(This used to be commit 0f292d70f698b8ae885005b5704a96476e876571)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r-- | source3/rpc_server/srv_samr_util.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c index 74daf46e84..ef588aed1a 100644 --- a/source3/rpc_server/srv_samr_util.c +++ b/source3/rpc_server/srv_samr_util.c @@ -339,7 +339,15 @@ void copy_id21_to_sam_passwd(const char *log_prefix, if (from->password_expired == PASS_MUST_CHANGE_AT_NEXT_LOGON) { pdb_set_pass_last_set_time(to, 0, PDB_CHANGED); } else { - pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); + /* A subtlety here: some windows commands will + clear the expired flag even though it's not + set, and we don't want to reset the time + in these caess. "net user /dom <user> /active:y" + for example, to clear an autolocked acct. + We must check to see if it's expired first. jmcd */ + stored_time = pdb_get_pass_last_set_time(to); + if (stored_time == 0) + pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); } } } |