diff options
author | Amitay Isaacs <amitay@gmail.com> | 2011-11-18 10:34:44 +1100 |
---|---|---|
committer | Amitay Isaacs <amitay@gmail.com> | 2011-11-18 14:38:28 +1100 |
commit | 9318e00a1fab1e6eda6495c44b69d95a980b1e5e (patch) | |
tree | 66a2ff3df982c33e284f30732659dd30ff0dd812 /source4/dsdb/common | |
parent | d0e9f22654be1c9972c5b5ba6b3ebe808f27c678 (diff) | |
download | samba-9318e00a1fab1e6eda6495c44b69d95a980b1e5e.tar.gz samba-9318e00a1fab1e6eda6495c44b69d95a980b1e5e.tar.bz2 samba-9318e00a1fab1e6eda6495c44b69d95a980b1e5e.zip |
dsdb: Fix the password expiry calculation
As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if
pwdLastSet = null, or
pwdLastSet = 0, or
(maxPwdAge != 0x8000000000000000 and (ST - pwdLastSet) > maxPwdAge)
Diffstat (limited to 'source4/dsdb/common')
-rw-r--r-- | source4/dsdb/common/util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index cae6bd45b3..826a1e4592 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -505,7 +505,7 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb, maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn, "maxPwdAge", NULL); - if (maxPwdAge == 0) { + if (maxPwdAge == 0 || maxPwdAge == -0x8000000000000000ULL) { return 0x7FFFFFFFFFFFFFFFULL; } else { attr_time -= maxPwdAge; |