diff options
-rw-r--r-- | source4/auth/auth_sam_reply.c | 2 | ||||
-rw-r--r-- | source4/auth/sam.c | 2 | ||||
-rw-r--r-- | source4/dsdb/common/util.c | 16 |
3 files changed, 18 insertions, 2 deletions
diff --git a/source4/auth/auth_sam_reply.c b/source4/auth/auth_sam_reply.c index dfa76234b4..88eb857eb3 100644 --- a/source4/auth/auth_sam_reply.c +++ b/source4/auth/auth_sam_reply.c @@ -38,7 +38,7 @@ NTSTATUS auth_convert_server_info_sambaseinfo(TALLOC_CTX *mem_ctx, sam->domain_sid->num_auths--; sam->last_logon = server_info->last_logon; - sam->last_logoff = server_info->last_logoff; + sam->last_logoff = server_info->last_logoff; sam->acct_expiry = server_info->acct_expiry; sam->last_password_change = server_info->last_password_change; sam->allow_password_change = server_info->allow_password_change; diff --git a/source4/auth/sam.c b/source4/auth/sam.c index 6285c31e5c..c8591b3927 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -442,7 +442,7 @@ _PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, NT_STATUS_HAVE_NO_MEMORY_AND_FREE(server_info->logon_server, tmp_ctx); server_info->last_logon = samdb_result_nttime(msg, "lastLogon", 0); - server_info->last_logoff = samdb_result_nttime(msg, "lastLogoff", 0); + server_info->last_logoff = samdb_result_last_logoff(msg); server_info->acct_expiry = samdb_result_account_expires(msg); server_info->last_password_change = samdb_result_nttime(msg, "pwdLastSet", 0); diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 247aec7035..5c5386b64c 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -436,6 +436,22 @@ NTTIME samdb_result_nttime(struct ldb_message *msg, const char *attr, NTTIME def } /* + * Windows stores 0 for lastLogoff. + * But when a MS DC return the lastLogoff (as Logoff Time) + * it returns 0x7FFFFFFFFFFFFFFF, not returning this value in this case + * cause windows 2008 and newer version to fail for SMB requests + */ +NTTIME samdb_result_last_logoff(struct ldb_message *msg) +{ + NTTIME ret = ldb_msg_find_attr_as_uint64(msg, "lastLogoff",0); + + if (ret == 0) + ret = 0x7FFFFFFFFFFFFFFFULL; + + return ret; +} + +/* * Windows uses both 0 and 9223372036854775807 (0x7FFFFFFFFFFFFFFFULL) to * indicate an account doesn't expire. * |