diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-08-03 04:41:10 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:31:03 -0500 |
| commit | 896fd8e1cddacc5cbc319490b110042db787f7ee (patch) | |
| tree | 5802c4934d9a54e723e3d370e615b9d28fd09c87 /source4/auth | |
| parent | 36f64c0f057fc80186e3493f9e723677131c3c34 (diff) | |
| download | samba-896fd8e1cddacc5cbc319490b110042db787f7ee.tar.gz samba-896fd8e1cddacc5cbc319490b110042db787f7ee.tar.bz2 samba-896fd8e1cddacc5cbc319490b110042db787f7ee.zip | |
r8980: Make Samba4 honour account control flags (we were asking for a
non-existant field).
Also change time(NULL) into an NTTIME for comparison, rather than
experience rounding bugs (size of time_t) when converting an NTTIME
into a time_t.
Andrew Bartlett
(This used to be commit 181155f9e059a2eb74a7dd7c34a358724ec88bb8)
Diffstat (limited to 'source4/auth')
| -rw-r--r-- | source4/auth/auth_sam.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index f697164cd4..555b2a25ac 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -117,6 +117,7 @@ static NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, const char *workstation_list, const struct auth_usersupplied_info *user_info) { + NTTIME now; DEBUG(4,("authsam_account_ok: Checking SMB password for user %s\n", user_info->mapped.account_name)); /* Quit if the account was disabled. */ @@ -132,7 +133,8 @@ static NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, } /* Test account expire time */ - if ((acct_expiry) != -1 && time(NULL) > nt_time_to_unix(acct_expiry)) { + unix_to_nt_time(&now, time(NULL)); + if (now > acct_expiry) { DEBUG(1,("authsam_account_ok: Account for user '%s' has expired.\n", user_info->mapped.account_name)); DEBUG(3,("authsam_account_ok: Account expired at '%s'.\n", nt_time_string(mem_ctx, acct_expiry))); @@ -148,7 +150,7 @@ static NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, } /* check for expired password */ - if ((must_change_time) != 0 && nt_time_to_unix(must_change_time) < time(NULL)) { + if ((must_change_time != 0) && (must_change_time < now)) { DEBUG(1,("sam_account_ok: Account for user '%s' password expired!.\n", user_info->mapped.account_name)); DEBUG(1,("sam_account_ok: Password expired at '%s' unix time.\n", @@ -356,7 +358,7 @@ static NTSTATUS authsam_authenticate(struct auth_context *auth_context, NTSTATUS nt_status; const char *domain_dn = samdb_result_string(msgs_domain[0], "nCName", ""); - acct_flags = samdb_result_acct_flags(msgs[0], "sAMAcctFlags"); + acct_flags = samdb_result_acct_flags(msgs[0], "userAccountControl"); /* Quit if the account was locked out. */ if (acct_flags & ACB_AUTOLOCK) { |