diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-03-07 03:33:26 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:52:22 -0500 |
| commit | 61fe79d02200ef4f23652efe5995c84bbacd220a (patch) | |
| tree | bfd4af7968742bee23d458ed4b139a8d933bab0f /source4/auth | |
| parent | 6a73835b0946a015d1bad0b502c35d92777d2446 (diff) | |
| download | samba-61fe79d02200ef4f23652efe5995c84bbacd220a.tar.gz samba-61fe79d02200ef4f23652efe5995c84bbacd220a.tar.bz2 samba-61fe79d02200ef4f23652efe5995c84bbacd220a.zip | |
r13910: Fix the 'your password has expired' on every login. We now consider
if the 'password does not expire' flag has been set, filling in the
PAC and netlogon reply correctly if so.
Andrew Bartlett
(This used to be commit c530ab5dc6865c422382bc0afa7a86f7ec1acdf2)
Diffstat (limited to 'source4/auth')
| -rw-r--r-- | source4/auth/auth_sam.c | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index c28aaf2434..f1ea2a783c 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -172,8 +172,7 @@ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, acct_expiry = samdb_result_nttime(msg, "accountExpires", 0); must_change_time = samdb_result_force_password_change(sam_ctx, mem_ctx, - domain_dn, msg, - "pwdLastSet"); + domain_dn, msg); last_set_time = samdb_result_nttime(msg, "pwdLastSet", 0); workstation_list = samdb_result_string(msg, "userWorkstations", NULL); @@ -423,10 +422,10 @@ static NTSTATUS authsam_authenticate(struct auth_context *auth_context, } NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, - struct ldb_message *msg, - struct ldb_message *msg_domain_ref, - DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key, - struct auth_serversupplied_info **_server_info) + struct ldb_message *msg, + struct ldb_message *msg_domain_ref, + DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key, + struct auth_serversupplied_info **_server_info) { struct auth_serversupplied_info *server_info; struct ldb_message **group_msgs; @@ -523,13 +522,17 @@ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_c server_info->acct_expiry = samdb_result_nttime(msg, "accountExpires", 0); server_info->last_password_change = samdb_result_nttime(msg, "pwdLastSet", 0); - ncname = samdb_result_dn(mem_ctx, msg_domain_ref, "nCName", ldb_dn_new(mem_ctx)); - - server_info->allow_password_change = samdb_result_allow_password_change(sam_ctx, mem_ctx, - ncname, msg, "pwdLastSet"); - server_info->force_password_change = samdb_result_force_password_change(sam_ctx, mem_ctx, - ncname, msg, "pwdLastSet"); - + ncname = samdb_result_dn(mem_ctx, msg_domain_ref, "nCName", NULL); + if (!ncname) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + server_info->allow_password_change + = samdb_result_allow_password_change(sam_ctx, mem_ctx, + ncname, msg, "pwdLastSet"); + server_info->force_password_change + = samdb_result_force_password_change(sam_ctx, mem_ctx, + ncname, msg); + server_info->logon_count = samdb_result_uint(msg, "logonCount", 0); server_info->bad_password_count = samdb_result_uint(msg, "badPwdCount", 0); |