diff options
author | Günther Deschner <gd@samba.org> | 2006-02-08 11:57:38 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:09:58 -0500 |
commit | d5c5c856ae924fc4523e5fa4b9a790249e32b3ae (patch) | |
tree | 67d0049173a7570891eee0145cd5a1cdcfffec41 /source3 | |
parent | 7fc2c0befbaea3af36433a7ad9cc46358cf46139 (diff) | |
download | samba-d5c5c856ae924fc4523e5fa4b9a790249e32b3ae.tar.gz samba-d5c5c856ae924fc4523e5fa4b9a790249e32b3ae.tar.bz2 samba-d5c5c856ae924fc4523e5fa4b9a790249e32b3ae.zip |
r13391: Only fall into password change when ACB_PWNOEXP is not set
(got it wrong the first time as administrator has this flag set by
default).
Guenther
(This used to be commit e9ccebf45a5db8964793084950fbb2c23b2469a3)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/nsswitch/pam_winbind.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index 0141c3fafa..3848612c47 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -419,7 +419,7 @@ static int winbind_auth_request(pam_handle_t * pamh, /* handle the case where the auth was ok, but the password must expire right now */ /* good catch from Ralf Haferkamp: an expiry of "never" is translated to -1 */ - if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) && + if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) && (response.data.auth.policy.expire > 0) && (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire < time(NULL))) { @@ -436,7 +436,7 @@ static int winbind_auth_request(pam_handle_t * pamh, } /* warn a user if the password is about to expire soon */ - if ((response.data.auth.info3.user_rid != DOMAIN_USER_RID_ADMIN ) && + if ( ! (response.data.auth.info3.acct_flags & ACB_PWNOEXP) && (response.data.auth.policy.expire) && (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire > time(NULL) ) ) { |