summaryrefslogtreecommitdiff
path: root/source4/dsdb/common
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-07-05 16:55:50 +0200
committerMatthias Dieter Wallnöfer <mdw@samba.org>2010-07-06 21:54:20 +0200
commit9c8135785ad7b2bee4a0d37470dc37fed04a6516 (patch)
tree01dd514fa5b68fdbd75da024b9161f3bef75d192 /source4/dsdb/common
parent293d3eb545b04438a13313b06927469f928d6479 (diff)
downloadsamba-9c8135785ad7b2bee4a0d37470dc37fed04a6516.tar.gz
samba-9c8135785ad7b2bee4a0d37470dc37fed04a6516.tar.bz2
samba-9c8135785ad7b2bee4a0d37470dc37fed04a6516.zip
s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is "-1" we shouldn't force a password change
This value is set by the ADUC console.
Diffstat (limited to 'source4/dsdb/common')
-rw-r--r--source4/dsdb/common/util.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 80736b1712..d24803809d 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -520,8 +520,10 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
struct ldb_dn *domain_dn,
struct ldb_message *msg)
{
- uint64_t attr_time = samdb_result_uint64(msg, "pwdLastSet", 0);
- uint32_t userAccountControl = samdb_result_uint64(msg, "userAccountControl", 0);
+ int64_t attr_time = samdb_result_int64(msg, "pwdLastSet", 0);
+ uint32_t userAccountControl = ldb_msg_find_attr_as_uint(msg,
+ "userAccountControl",
+ 0);
int64_t maxPwdAge;
/* Machine accounts don't expire, and there is a flag for 'no expiry' */
@@ -533,8 +535,12 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
if (attr_time == 0) {
return 0;
}
+ if (attr_time == -1) {
+ return 0x7FFFFFFFFFFFFFFFULL;
+ }
- maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn, "maxPwdAge", NULL);
+ maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn,
+ "maxPwdAge", NULL);
if (maxPwdAge == 0) {
return 0x7FFFFFFFFFFFFFFFULL;
} else {