summaryrefslogtreecommitdiff
path: root/source4/dsdb
diff options
context:
space:
mode:
authorAmitay Isaacs <amitay@gmail.com>2011-11-18 10:34:44 +1100
committerAmitay Isaacs <amitay@gmail.com>2011-11-18 14:38:28 +1100
commit9318e00a1fab1e6eda6495c44b69d95a980b1e5e (patch)
tree66a2ff3df982c33e284f30732659dd30ff0dd812 /source4/dsdb
parentd0e9f22654be1c9972c5b5ba6b3ebe808f27c678 (diff)
downloadsamba-9318e00a1fab1e6eda6495c44b69d95a980b1e5e.tar.gz
samba-9318e00a1fab1e6eda6495c44b69d95a980b1e5e.tar.bz2
samba-9318e00a1fab1e6eda6495c44b69d95a980b1e5e.zip
dsdb: Fix the password expiry calculation
As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if pwdLastSet = null, or pwdLastSet = 0, or (maxPwdAge != 0x8000000000000000 and (ST - pwdLastSet) > maxPwdAge)
Diffstat (limited to 'source4/dsdb')
-rw-r--r--source4/dsdb/common/util.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index cae6bd45b3..826a1e4592 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -505,7 +505,7 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn,
"maxPwdAge", NULL);
- if (maxPwdAge == 0) {
+ if (maxPwdAge == 0 || maxPwdAge == -0x8000000000000000ULL) {
return 0x7FFFFFFFFFFFFFFFULL;
} else {
attr_time -= maxPwdAge;