diff options
author | Andrew Tridgell <tridge@samba.org> | 2009-02-10 17:31:57 +1100 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2009-02-10 17:31:57 +1100 |
commit | fe5b0b595c926aea0916541ceeaf610bc018cb63 (patch) | |
tree | 85d2952921fbc8852cc70da083eb649b50bde4f7 /swat2/cldap_server | |
parent | 72c2da9d327288552084efad831ef8c3518de835 (diff) | |
download | samba-fe5b0b595c926aea0916541ceeaf610bc018cb63.tar.gz samba-fe5b0b595c926aea0916541ceeaf610bc018cb63.tar.bz2 samba-fe5b0b595c926aea0916541ceeaf610bc018cb63.zip |
added a workaround to the handling of unicodePwd for Win7-beta
The Win7-beta domain process has changed. It no longer uses SAMR for
setting the password, and instead uses a ldap modify on a SASL
encrypted ldap connection. We didn't handle that as the unicodePwd
attribute has a dual use, holding the nt style MD4 hases for DRS
replication, but holding a UTF-16 plaintext password for a LDAP
modify.
This patch copes with the ldap unicodePwd modify by recognising the
format and creating the correct attributes on the fly. Note that this
assumes we will never get a unicodePwd attribute set in NT MD4 format
with the first 2 and last 2 bytes set to 0x22 0x00.
Andrew Bartlett is looking at a more robust solution, possibly using a
flag to say that this modify came via ldap, and not internal ldb
calls.
Diffstat (limited to 'swat2/cldap_server')
0 files changed, 0 insertions, 0 deletions