diff options
-rw-r--r-- | source3/include/rpc_samr.h | 1 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 3 | ||||
-rw-r--r-- | source3/smbd/chgpasswd.c | 10 |
3 files changed, 13 insertions, 1 deletions
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h index 3af7d5c720..62eb397925 100644 --- a/source3/include/rpc_samr.h +++ b/source3/include/rpc_samr.h @@ -1848,6 +1848,7 @@ typedef struct q_samr_chgpasswd_user3 } SAMR_Q_CHGPASSWD_USER3; +#define REJECT_REASON_OTHER 0x00000000 #define REJECT_REASON_TOO_SHORT 0x00000001 #define REJECT_REASON_IN_HISTORY 0x00000002 #define REJECT_REASON_NOT_COMPLEX 0x00000005 diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 75a72fa028..b3be0cccc1 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -1505,7 +1505,8 @@ NTSTATUS _samr_chgpasswd_user3(pipes_struct *p, SAMR_Q_CHGPASSWD_USER3 *q_u, SAM r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash, q_u->nt_newpass.pass, q_u->nt_oldhash.hash, &reject_reason); - if (NT_STATUS_EQUAL(r_u->status, NT_STATUS_PASSWORD_RESTRICTION)) { + if (NT_STATUS_EQUAL(r_u->status, NT_STATUS_PASSWORD_RESTRICTION) || + NT_STATUS_EQUAL(r_u->status, NT_STATUS_ACCOUNT_RESTRICTION)) { uint32 min_pass_len,pass_hist,password_properties; time_t u_expire, u_min_age; diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 501aba3336..e04e902b3a 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -1016,6 +1016,10 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw time_t last_change_time = pdb_get_pass_last_set_time(hnd); time_t can_change_time = pdb_get_pass_can_change_time(hnd); + if (samr_reject_reason) { + *samr_reject_reason = Undefined; + } + if (pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &min_age)) { /* * Windows calculates the minimum password age check @@ -1026,6 +1030,9 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw DEBUG(1, ("user %s cannot change password now, must " "wait until %s\n", username, http_timestring(last_change_time+min_age))); + if (samr_reject_reason) { + *samr_reject_reason = REJECT_REASON_OTHER; + } return NT_STATUS_ACCOUNT_RESTRICTION; } } else { @@ -1033,6 +1040,9 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw DEBUG(1, ("user %s cannot change password now, must " "wait until %s\n", username, http_timestring(can_change_time))); + if (samr_reject_reason) { + *samr_reject_reason = REJECT_REASON_OTHER; + } return NT_STATUS_ACCOUNT_RESTRICTION; } } |