summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/auth/credentials/credentials_files.c4
-rw-r--r--source4/auth/sam.c4
-rw-r--r--source4/dsdb/samdb/ldb_modules/local_password.c8
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c56
-rw-r--r--source4/dsdb/samdb/ldb_modules/samba3sam.c2
-rw-r--r--source4/dsdb/samdb/samdb.c26
-rw-r--r--source4/libnet/libnet_samsync_ldb.c8
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c4
-rw-r--r--source4/rpc_server/samr/samr_password.c6
9 files changed, 59 insertions, 59 deletions
diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c
index 2978fe16f8..023dc90407 100644
--- a/source4/auth/credentials/credentials_files.c
+++ b/source4/auth/credentials/credentials_files.c
@@ -184,7 +184,7 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
"flatname",
"realm",
"secureChannelType",
- "ntPwdHash",
+ "unicodePwd",
"msDS-KeyVersionNumber",
"saltPrincipal",
"privateKeytab",
@@ -264,7 +264,7 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
}
if (!password) {
- const struct ldb_val *nt_password_hash = ldb_msg_find_ldb_val(msgs[0], "ntPwdHash");
+ const struct ldb_val *nt_password_hash = ldb_msg_find_ldb_val(msgs[0], "unicodePwd");
struct samr_Password hash;
ZERO_STRUCT(hash);
if (nt_password_hash) {
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index a44eb9017e..f9f801c800 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -39,8 +39,8 @@ const char *user_attrs[] = {
"krb5Key",
/* passwords */
- "lmPwdHash",
- "ntPwdHash",
+ "dBCSPwd",
+ "unicodePwd",
"userAccountControl",
diff --git a/source4/dsdb/samdb/ldb_modules/local_password.c b/source4/dsdb/samdb/ldb_modules/local_password.c
index 9e1cdd32b3..e72b7cb3a3 100644
--- a/source4/dsdb/samdb/ldb_modules/local_password.c
+++ b/source4/dsdb/samdb/ldb_modules/local_password.c
@@ -54,10 +54,10 @@
static const char * const password_attrs[] = {
"sambaPassword",
"krb5Key",
- "ntPwdHash",
- "lmPwdHash",
- "sambaLMPwdHistory",
- "sambaNTPwdHistory",
+ "unicodePwd",
+ "dBCSPwd",
+ "lmPwdHistory",
+ "ntPwdHistory",
"msDS-KeyVersionNumber",
"pwdLastSet"
};
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 9a72643ec9..201a5d295a 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -106,22 +106,22 @@ static int add_password_hashes(struct ldb_module *module, struct ldb_message *ms
}
if (is_mod) {
- if (ldb_msg_add_empty(msg, "ntPwdHash", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
+ if (ldb_msg_add_empty(msg, "unicodePwd", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
- if (ldb_msg_add_empty(msg, "lmPwdHash", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
+ if (ldb_msg_add_empty(msg, "dBCSPwd", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
}
/* compute the new nt and lm hashes */
E_md4hash(sambaPassword, tmp_hash.hash);
- if (samdb_msg_add_hash(module->ldb, msg, msg, "ntPwdHash", &tmp_hash) != 0) {
+ if (samdb_msg_add_hash(module->ldb, msg, msg, "unicodePwd", &tmp_hash) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
if (E_deshash(sambaPassword, tmp_hash.hash)) {
- if (samdb_msg_add_hash(module->ldb, msg, msg, "lmPwdHash", &tmp_hash) != 0) {
+ if (samdb_msg_add_hash(module->ldb, msg, msg, "dBCSPwd", &tmp_hash) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
}
@@ -276,7 +276,7 @@ static int add_krb5_keys_from_NThash(struct ldb_module *module, struct ldb_messa
key.mkvno = 0;
key.salt = NULL; /* No salt for this enc type */
- ntPwdHash = samdb_result_hash(msg, msg, "ntPwdHash");
+ ntPwdHash = samdb_result_hash(msg, msg, "unicodePwd");
if (ntPwdHash == NULL) { /* what happened ?! */
return LDB_ERR_OPERATIONS_ERROR;
}
@@ -362,14 +362,14 @@ static int setPwdHistory(struct ldb_module *module, struct ldb_message *msg, str
int lm_hist_len;
int i;
- nt_hash = samdb_result_hash(msg, old_msg, "ntPwdHash");
- lm_hash = samdb_result_hash(msg, old_msg, "lmPwdHash");
+ nt_hash = samdb_result_hash(msg, old_msg, "unicodePwd");
+ lm_hash = samdb_result_hash(msg, old_msg, "dBCSPwd");
/* if no previous passwords just return */
if (nt_hash == NULL && lm_hash == NULL) return LDB_SUCCESS;
- nt_hist_len = samdb_result_hashes(msg, old_msg, "sambaNTPwdHistory", &nt_history);
- lm_hist_len = samdb_result_hashes(msg, old_msg, "sambaLMPwdHistory", &lm_history);
+ nt_hist_len = samdb_result_hashes(msg, old_msg, "ntPwdHistory", &nt_history);
+ lm_hist_len = samdb_result_hashes(msg, old_msg, "lmPwdHistory", &lm_history);
/* We might not have an old NT password */
new_nt_history = talloc_array(msg, struct samr_Password, hlen);
@@ -385,10 +385,10 @@ static int setPwdHistory(struct ldb_module *module, struct ldb_message *msg, str
} else {
ZERO_STRUCT(new_nt_history[0]);
}
- if (ldb_msg_add_empty(msg, "sambaNTPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
+ if (ldb_msg_add_empty(msg, "ntPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
- if (samdb_msg_add_hashes(msg, msg, "sambaNTPwdHistory", new_nt_history, nt_hist_len) != LDB_SUCCESS) {
+ if (samdb_msg_add_hashes(msg, msg, "ntPwdHistory", new_nt_history, nt_hist_len) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
@@ -408,10 +408,10 @@ static int setPwdHistory(struct ldb_module *module, struct ldb_message *msg, str
} else {
ZERO_STRUCT(new_lm_history[0]);
}
- if (ldb_msg_add_empty(msg, "sambaLMPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
+ if (ldb_msg_add_empty(msg, "lmPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
- if (samdb_msg_add_hashes(msg, msg, "sambaLMPwdHistory", new_lm_history, lm_hist_len) != LDB_SUCCESS) {
+ if (samdb_msg_add_hashes(msg, msg, "lmPwdHistory", new_lm_history, lm_hist_len) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
@@ -594,8 +594,8 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req)
}
/* nobody must touch password Histories */
- if (ldb_msg_find_element(req->op.add.message, "sambaNTPwdHistory") ||
- ldb_msg_find_element(req->op.add.message, "sambaLMPwdHistory")) {
+ if (ldb_msg_find_element(req->op.add.message, "ntPwdHistory") ||
+ ldb_msg_find_element(req->op.add.message, "lmPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
@@ -603,8 +603,8 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req)
* or LM hashes, then we don't need to make any changes. */
sambaAttr = ldb_msg_find_element(req->op.mod.message, "sambaPassword");
- ntAttr = ldb_msg_find_element(req->op.mod.message, "ntPwdHash");
- lmAttr = ldb_msg_find_element(req->op.mod.message, "lmPwdHash");
+ ntAttr = ldb_msg_find_element(req->op.mod.message, "unicodePwd");
+ lmAttr = ldb_msg_find_element(req->op.mod.message, "dBCSPwd");
if ((!sambaAttr) && (!ntAttr) && (!lmAttr)) {
return ldb_next_request(module, req);
@@ -788,14 +788,14 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r
}
/* nobody must touch password Histories */
- if (ldb_msg_find_element(req->op.mod.message, "sambaNTPwdHistory") ||
- ldb_msg_find_element(req->op.mod.message, "sambaLMPwdHistory")) {
+ if (ldb_msg_find_element(req->op.mod.message, "ntPwdHistory") ||
+ ldb_msg_find_element(req->op.mod.message, "lmPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
sambaAttr = ldb_msg_find_element(req->op.mod.message, "sambaPassword");
- ntAttr = ldb_msg_find_element(req->op.mod.message, "ntPwdHash");
- lmAttr = ldb_msg_find_element(req->op.mod.message, "lmPwdHash");
+ ntAttr = ldb_msg_find_element(req->op.mod.message, "unicodePwd");
+ lmAttr = ldb_msg_find_element(req->op.mod.message, "dBCSPwd");
/* check passwords are single valued here */
/* TODO: remove this when passwords will be single valued in schema */
@@ -844,8 +844,8 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r
/* - remove any imodification to the password from the first commit
* we will make the real modification later */
if (sambaAttr) ldb_msg_remove_attr(msg, "sambaPassword");
- if (ntAttr) ldb_msg_remove_attr(msg, "ntPwdHash");
- if (lmAttr) ldb_msg_remove_attr(msg, "lmPwdHash");
+ if (ntAttr) ldb_msg_remove_attr(msg, "unicodePwd");
+ if (lmAttr) ldb_msg_remove_attr(msg, "dBCSPwd");
/* if there was nothing else to be modify skip to next step */
if (msg->num_elements == 0) {
@@ -902,12 +902,12 @@ static int get_self_callback(struct ldb_context *ldb, void *context, struct ldb_
static int password_hash_mod_search_self(struct ldb_handle *h) {
struct ph_context *ac;
- static const char * const attrs[] = { "userAccountControl", "sambaLMPwdHistory",
- "sambaNTPwdHistory",
+ static const char * const attrs[] = { "userAccountControl", "lmPwdHistory",
+ "ntPwdHistory",
"objectSid", "msDS-KeyVersionNumber",
"objectClass", "userPrincipalName",
"samAccountName",
- "lmPwdHash", "ntPwdHash",
+ "dBCSPwd", "unicodePwd",
NULL };
ac = talloc_get_type(h->private_data, struct ph_context);
@@ -1053,12 +1053,12 @@ static int password_hash_mod_do_mod(struct ldb_handle *h) {
if (!added_hashes) {
struct ldb_message_element *el;
- el = ldb_msg_find_element(ac->orig_req->op.mod.message, "ntPwdHash");
+ el = ldb_msg_find_element(ac->orig_req->op.mod.message, "unicodePwd");
if (ldb_msg_add(msg, el, el->flags) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
- el = ldb_msg_find_element(ac->orig_req->op.mod.message, "lmPwdHash");
+ el = ldb_msg_find_element(ac->orig_req->op.mod.message, "dBCSPwd");
if (ldb_msg_add(msg, el, el->flags) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
diff --git a/source4/dsdb/samdb/ldb_modules/samba3sam.c b/source4/dsdb/samdb/ldb_modules/samba3sam.c
index c66dbee360..170b859584 100644
--- a/source4/dsdb/samdb/ldb_modules/samba3sam.c
+++ b/source4/dsdb/samdb/ldb_modules/samba3sam.c
@@ -327,7 +327,7 @@ const struct ldb_map_attribute samba3_attributes[] =
/* sambaLMPassword -> lmPwdHash*/
{
- .local_name = "lmPwdHash",
+ .local_name = "dBCSPwd",
.type = MAP_CONVERT,
.u = {
.convert = {
diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c
index d71c872535..a3ac2c9544 100644
--- a/source4/dsdb/samdb/samdb.c
+++ b/source4/dsdb/samdb/samdb.c
@@ -571,7 +571,7 @@ NTSTATUS samdb_result_passwords(TALLOC_CTX *mem_ctx, struct ldb_message *msg,
struct samr_Password *lmPwdHash, *ntPwdHash;
if (nt_pwd) {
int num_nt;
- num_nt = samdb_result_hashes(mem_ctx, msg, "ntPwdHash", &ntPwdHash);
+ num_nt = samdb_result_hashes(mem_ctx, msg, "unicodePwd", &ntPwdHash);
if (num_nt == 0) {
*nt_pwd = NULL;
} else if (num_nt > 1) {
@@ -582,7 +582,7 @@ NTSTATUS samdb_result_passwords(TALLOC_CTX *mem_ctx, struct ldb_message *msg,
}
if (lm_pwd) {
int num_lm;
- num_lm = samdb_result_hashes(mem_ctx, msg, "lmPwdHash", &lmPwdHash);
+ num_lm = samdb_result_hashes(mem_ctx, msg, "dBCSPwd", &lmPwdHash);
if (num_lm == 0) {
*lm_pwd = NULL;
} else if (num_lm > 1) {
@@ -1496,9 +1496,9 @@ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ct
enum samr_RejectReason *reject_reason,
struct samr_DomInfo1 **_dominfo)
{
- const char * const user_attrs[] = { "userAccountControl", "sambaLMPwdHistory",
- "sambaNTPwdHistory",
- "lmPwdHash", "ntPwdHash",
+ const char * const user_attrs[] = { "userAccountControl", "lmPwdHistory",
+ "ntPwdHistory",
+ "dBCSPwd", "unicodePwd",
"objectSid",
"pwdLastSet", NULL };
const char * const domain_attrs[] = { "pwdProperties", "pwdHistoryLength",
@@ -1528,11 +1528,11 @@ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ct
}
userAccountControl = samdb_result_uint(res[0], "userAccountControl", 0);
sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "sambaLMPwdHistory", &sambaLMPwdHistory);
+ "lmPwdHistory", &sambaLMPwdHistory);
sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "sambaNTPwdHistory", &sambaNTPwdHistory);
- lmPwdHash = samdb_result_hash(mem_ctx, res[0], "lmPwdHash");
- ntPwdHash = samdb_result_hash(mem_ctx, res[0], "ntPwdHash");
+ "ntPwdHistory", &sambaNTPwdHistory);
+ lmPwdHash = samdb_result_hash(mem_ctx, res[0], "dBCSPwd");
+ ntPwdHash = samdb_result_hash(mem_ctx, res[0], "unicodePwd");
pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0);
if (domain_dn) {
@@ -1692,15 +1692,15 @@ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ct
CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "sambaPassword"));
if (lmNewHash) {
- CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "lmPwdHash", lmNewHash));
+ CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "dBCSPwd", lmNewHash));
} else {
- CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "lmPwdHash"));
+ CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "dBCSPwd"));
}
if (ntNewHash) {
- CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "ntPwdHash", ntNewHash));
+ CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "unicodePwd", ntNewHash));
} else {
- CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "ntPwdHash"));
+ CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "unicodePwd"));
}
}
diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c
index 648eb8eed9..a7fab977e3 100644
--- a/source4/libnet/libnet_samsync_ldb.c
+++ b/source4/libnet/libnet_samsync_ldb.c
@@ -368,17 +368,17 @@ static NTSTATUS samsync_ldb_handle_user(TALLOC_CTX *mem_ctx,
}
if (user->lm_password_present) {
samdb_msg_add_hash(state->sam_ldb, mem_ctx, msg,
- "lmPwdHash", &user->lmpassword);
+ "dBCSPwd", &user->lmpassword);
} else if (!add) {
samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg,
- "lmPwdHash");
+ "dBCSPwd");
}
if (user->nt_password_present) {
samdb_msg_add_hash(state->sam_ldb, mem_ctx, msg,
- "ntPwdHash", &user->ntpassword);
+ "unicodePwd", &user->ntpassword);
} else if (!add) {
samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg,
- "ntPwdHash");
+ "unicodePwd");
}
ADD_OR_DEL(string, "comment", comment.string);
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index b1d129e782..03625bfd43 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -80,7 +80,7 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca
int num_records;
struct ldb_message **msgs;
NTSTATUS nt_status;
- const char *attrs[] = {"ntPwdHash", "userAccountControl",
+ const char *attrs[] = {"unicodePwd", "userAccountControl",
"objectSid", NULL};
ZERO_STRUCTP(r->out.credentials);
@@ -144,7 +144,7 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca
*r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0],
"objectSid", 0);
- mach_pwd = samdb_result_hash(mem_ctx, msgs[0], "ntPwdHash");
+ mach_pwd = samdb_result_hash(mem_ctx, msgs[0], "unicodePwd");
if (mach_pwd == NULL) {
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 505be6946c..9ddd87a383 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -49,7 +49,7 @@ NTSTATUS dcesrv_samr_ChangePasswordUser(struct dcesrv_call_state *dce_call, TALL
struct samr_Password new_lmPwdHash, new_ntPwdHash, checkHash;
struct samr_Password *lm_pwd, *nt_pwd;
NTSTATUS status = NT_STATUS_OK;
- const char * const attrs[] = { "lmPwdHash", "ntPwdHash" , NULL };
+ const char * const attrs[] = { "dBCSPwd", "unicodePwd" , NULL };
DCESRV_PULL_HANDLE(h, r->in.user_handle, SAMR_HANDLE_USER);
@@ -190,7 +190,7 @@ NTSTATUS dcesrv_samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call,
struct ldb_dn *user_dn;
int ret;
struct ldb_message **res, *mod;
- const char * const attrs[] = { "objectSid", "lmPwdHash", NULL };
+ const char * const attrs[] = { "objectSid", "dBCSPwd", NULL };
struct samr_Password *lm_pwd;
DATA_BLOB lm_pwd_blob;
uint8_t new_lm_hash[16];
@@ -323,7 +323,7 @@ NTSTATUS dcesrv_samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
struct ldb_dn *user_dn;
int ret;
struct ldb_message **res, *mod;
- const char * const attrs[] = { "ntPwdHash", "lmPwdHash", NULL };
+ const char * const attrs[] = { "unicodePwd", "dBCSPwd", NULL };
struct samr_Password *nt_pwd, *lm_pwd;
DATA_BLOB nt_pwd_blob;
struct samr_DomInfo1 *dominfo = NULL;