diff options
| -rw-r--r-- | source4/dsdb/samdb/samdb.c | 8 | ||||
| -rw-r--r-- | source4/kdc/kpasswdd.c | 3 | ||||
| -rw-r--r-- | source4/librpc/idl/misc.idl | 3 |
3 files changed, 9 insertions, 5 deletions
diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index e0691e4c32..e6752716ab 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -1282,13 +1282,13 @@ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ct if (pwdHistoryLength > 0) { if (lmNewHash && lmPwdHash && memcmp(lmNewHash->hash, lmPwdHash->hash, 16) == 0) { if (reject_reason) { - *reject_reason = SAMR_REJECT_COMPLEXITY; + *reject_reason = SAMR_REJECT_IN_HISTORY; } return NT_STATUS_PASSWORD_RESTRICTION; } if (ntNewHash && ntPwdHash && memcmp(ntNewHash->hash, ntPwdHash->hash, 16) == 0) { if (reject_reason) { - *reject_reason = SAMR_REJECT_COMPLEXITY; + *reject_reason = SAMR_REJECT_IN_HISTORY; } return NT_STATUS_PASSWORD_RESTRICTION; } @@ -1301,7 +1301,7 @@ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ct for (i=0; lmNewHash && i<sambaLMPwdHistory_len;i++) { if (memcmp(lmNewHash->hash, sambaLMPwdHistory[i].hash, 16) == 0) { if (reject_reason) { - *reject_reason = SAMR_REJECT_COMPLEXITY; + *reject_reason = SAMR_REJECT_IN_HISTORY; } return NT_STATUS_PASSWORD_RESTRICTION; } @@ -1309,7 +1309,7 @@ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ct for (i=0; ntNewHash && i<sambaNTPwdHistory_len;i++) { if (memcmp(ntNewHash->hash, sambaNTPwdHistory[i].hash, 16) == 0) { if (reject_reason) { - *reject_reason = SAMR_REJECT_COMPLEXITY; + *reject_reason = SAMR_REJECT_IN_HISTORY; } return NT_STATUS_PASSWORD_RESTRICTION; } diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c index 57b4de5e69..dc8d5c7310 100644 --- a/source4/kdc/kpasswdd.c +++ b/source4/kdc/kpasswdd.c @@ -134,6 +134,9 @@ static BOOL kpasswd_make_pwchange_reply(struct kdc_server *kdc, case SAMR_REJECT_COMPLEXITY: reject_string = "Password does not meet complexity requirements"; break; + case SAMR_REJECT_IN_HISTORY: + reject_string = "Password is already in password history"; + break; case SAMR_REJECT_OTHER: default: reject_string = talloc_asprintf(mem_ctx, "Password must be at least %d characters long, and cannot match any of your %d previous passwords", diff --git a/source4/librpc/idl/misc.idl b/source4/librpc/idl/misc.idl index 353457dd02..9d43a806b7 100644 --- a/source4/librpc/idl/misc.idl +++ b/source4/librpc/idl/misc.idl @@ -40,7 +40,8 @@ interface misc typedef [public,v1_enum] enum { SAMR_REJECT_OTHER = 0, SAMR_REJECT_TOO_SHORT = 1, - SAMR_REJECT_COMPLEXITY = 2 + SAMR_REJECT_IN_HISTORY = 2, + SAMR_REJECT_COMPLEXITY = 5 } samr_RejectReason; |