diff options
author | Andrew Bartlett <abartlet@samba.org> | 2002-10-12 03:38:07 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2002-10-12 03:38:07 +0000 |
commit | 4ac9ccfde4d36e3b6065c65c92dd02dddb78b4f2 (patch) | |
tree | 3a4d155eebb79435dc1b6b9493028a259bc13a30 /source3/smbd | |
parent | 4920d2192206b6e0072d078cfba08f91bb03651d (diff) | |
download | samba-4ac9ccfde4d36e3b6065c65c92dd02dddb78b4f2.tar.gz samba-4ac9ccfde4d36e3b6065c65c92dd02dddb78b4f2.tar.bz2 samba-4ac9ccfde4d36e3b6065c65c92dd02dddb78b4f2.zip |
Nice *big* patch from metze.
The actual design change is relitivly small however:
It all goes back to jerry's 'BOOL store', added to many of the elements in a
SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into
ldap. This was a great win for admins, and this patch follows in the same way.
This patch extends the concept - we don't store values back into LDAP unless
they have been changed. So if we read a value, but don't update it, or we
read a value, find it's not there and use a default, we will not update
ldap with that value. This reduced clutter in our LDAP DB, and makes it
easier to change defaults later on.
Metze's particular problem was that when we 'write back' an unchanged value,
we would clear any muliple values in that feild. Now he can still have his
mulitivalued 'uid' feild, without Samba changing it for *every* other
operation.
This also applies to many other attributes, and helps to eliminate a nasty
race condition. (Time between get and set)
This patch is big, and needs more testing, but metze has tested usrmgr, and
I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly
flawed ;-).
The same system will be introduced into the SAM code shortly, but this fixes
bugs that people were coming across in production uses of Samba 3.0/HEAD, hence
it's inclusion here.
Andrew Bartlett
(This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/chgpasswd.c | 4 | ||||
-rw-r--r-- | source3/smbd/password.c | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 9e593b022e..a5274862fc 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -707,11 +707,11 @@ BOOL change_lanman_password(SAM_ACCOUNT *sampass, uchar * pass1, D_P16(pwd, pass2, unenc_new_pw); } - if (!pdb_set_lanman_passwd(sampass, unenc_new_pw)) { + if (!pdb_set_lanman_passwd(sampass, unenc_new_pw, PDB_CHANGED)) { return False; } - if (!pdb_set_nt_passwd (sampass, NULL)) { + if (!pdb_set_nt_passwd (sampass, NULL, PDB_CHANGED)) { return False; /* We lose the NT hash. Sorry. */ } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index f2956237dd..1e87065e31 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -134,7 +134,7 @@ int register_vuid(auth_serversupplied_info *server_info, const char *smb_name) * the new real sam db won't have reference to unix uids or gids */ if (!IS_SAM_UNIX_USER(server_info->sam_account)) { - DEBUG(0,("Attempted session setup with invalid user. No uid/gid in SAM_ACCOUNT (flags:%x)\n", pdb_get_init_flag(server_info->sam_account))); + DEBUG(0,("Attempted session setup with invalid user. No uid/gid in SAM_ACCOUNT\n")); free(vuser); return UID_FIELD_INVALID; } |