11 files changed, 129 insertions, 52 deletions

diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index e3077eee70..a4b2bcff3f 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -57,7 +57,8 @@ enum pdb_elements {
 	PDB_MUNGEDDIAL,
 	PDB_HOURS,
 	PDB_UNKNOWN3,
-	PDB_UNKNOWN5,
+	PDB_BAD_PASSWORD_COUNT,
+	PDB_LOGON_COUNT,
 	PDB_UNKNOWN6,
 	PDB_LMPASSWD,
 	PDB_NTPASSWD,
@@ -136,7 +137,10 @@ typedef struct sam_passwd
 		uint32 hours_len; /* normally 21 bytes */
 		uint8 hours[MAX_HOURS_LEN];
 		
-		uint32 unknown_5; /* 0x0002 0000 */
+		/* Was unknown_5. */
+		uint16 bad_password_count;
+		uint16 logon_count;
+
 		uint32 unknown_6; /* 0x0000 04ec */
 		/* a tag for who added the private methods */
 		const struct pdb_methods *backend_private_methods;
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index 4d9ad0b2e1..3b81042df3 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -189,7 +189,9 @@ typedef struct sam_user_info_23
 	/* uint8 pad[2] */
 	uint32 ptr_logon_hrs; /* pointer to logon hours */
 
-	uint32 unknown_5;     /* 0x0001 0000 */
+	/* Was unknown_5. */
+	uint16 bad_password_count;
+	uint16 logon_count;
 
 	uint8 padding1[6];
 		
@@ -312,7 +314,9 @@ typedef struct sam_user_info_21
 	/* uint8 pad[2] */
 	uint32 ptr_logon_hrs; /* unknown pointer */
 
-	uint32 unknown_5;     /* 0x0002 0000 */
+	/* Was unknown_5. */
+	uint16 bad_password_count;
+	uint16 logon_count;
 
 	uint8 padding1[6];
 		
diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
index 826fc3c55a..9765b9fbd6 100644
--- a/source3/include/smbldap.h
+++ b/source3/include/smbldap.h
@@ -88,6 +88,8 @@
 #define LDAP_ATTR_SID			32
 #define LDAP_ATTR_ALGORITHMIC_RID_BASE  33
 #define LDAP_ATTR_NEXT_RID              34
+#define LDAP_ATTR_BAD_PASSWORD_COUNT	35
+#define LDAP_ATTR_LOGON_COUNT		36
 
 typedef struct _attrib_map_entry {
 	int		attrib;
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 78f36eb9b6..cdbda38983 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -83,7 +83,8 @@ void pdb_fill_default_sam(SAM_ACCOUNT *user)
 	user->private.logon_divs = 168; 	/* hours per week */
 	user->private.hours_len = 21; 		/* 21 times 8 bits = 168 */
 	memset(user->private.hours, 0xff, user->private.hours_len); /* available at all hours */
-	user->private.unknown_5 = 0x00000000; /* don't know */
+	user->private.bad_password_count = 0;
+	user->private.logon_count = 0;
 	user->private.unknown_6 = 0x000004ec; /* don't know */
 
 	/* Some parts of samba strlen their pdb_get...() returns, 
@@ -1280,7 +1281,7 @@ BOOL local_sid_to_gid(gid_t *pgid, const DOM_SID *psid, enum SID_NAME_USE *name_
  Marshall/unmarshall SAM_ACCOUNT structs.
  *********************************************************************/
 
-#define TDB_FORMAT_STRING       "ddddddBBBBBBBBBBBBddBBwdwdBdd"
+#define TDB_FORMAT_STRING       "ddddddBBBBBBBBBBBBddBBwdwdBwwd"
 
 /**********************************************************************
  Intialize a SAM_ACCOUNT struct from a BYTE buffer of size len
@@ -1315,8 +1316,9 @@ BOOL init_sam_from_buffer(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen)
 		fullname_len, homedir_len, logon_script_len,
 		profile_path_len, acct_desc_len, workstations_len;
 		
-	uint32	user_rid, group_rid, unknown_3, hours_len, unknown_5, unknown_6;
+	uint32	user_rid, group_rid, unknown_3, hours_len, unknown_6;
 	uint16	acct_ctrl, logon_divs;
+	uint16	bad_password_count, logon_count;
 	uint8	*hours;
 	static uint8	*lm_pw_ptr, *nt_pw_ptr;
 	uint32		len = 0;
@@ -1357,7 +1359,8 @@ BOOL init_sam_from_buffer(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen)
 		&logon_divs,
 		&hours_len,
 		&hourslen, &hours,
-		&unknown_5,
+		&bad_password_count,
+		&logon_count,
 		&unknown_6);
 		
 	if (len == -1)  {
@@ -1432,7 +1435,8 @@ BOOL init_sam_from_buffer(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen)
 	pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
 	pdb_set_unknown_3(sampass, unknown_3, PDB_SET);
 	pdb_set_hours_len(sampass, hours_len, PDB_SET);
-	pdb_set_unknown_5(sampass, unknown_5, PDB_SET);
+	pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
+	pdb_set_logon_count(sampass, logon_count, PDB_SET);
 	pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
 	pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
 	pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
@@ -1640,7 +1644,8 @@ uint32 init_buffer_from_sam (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL size_
 		pdb_get_logon_divs(sampass),
 		pdb_get_hours_len(sampass),
 		MAX_HOURS_LEN, pdb_get_hours(sampass),
-		pdb_get_unknown_5(sampass),
+		pdb_get_bad_password_count(sampass),
+		pdb_get_logon_count(sampass),
 		pdb_get_unknown_6(sampass));
 
 
@@ -1682,7 +1687,8 @@ uint32 init_buffer_from_sam (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL size_
 		pdb_get_logon_divs(sampass),
 		pdb_get_hours_len(sampass),
 		MAX_HOURS_LEN, pdb_get_hours(sampass),
-		pdb_get_unknown_5(sampass),
+		pdb_get_bad_password_count(sampass),
+		pdb_get_logon_count(sampass),
 		pdb_get_unknown_6(sampass));
 	
 	
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 1505458551..9c2b7e4c70 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -314,12 +314,20 @@ uint32 pdb_get_unknown_3 (const SAM_ACCOUNT *sampass)
 		return (-1);
 }
 
-uint32 pdb_get_unknown_5 (const SAM_ACCOUNT *sampass)
+uint16 pdb_get_bad_password_count(const SAM_ACCOUNT *sampass)
 {
 	if (sampass)
-		return (sampass->private.unknown_5);
+		return (sampass->private.bad_password_count);
 	else
-		return (-1);
+		return 0;
+}
+
+uint16 pdb_get_logon_count(const SAM_ACCOUNT *sampass)
+{
+	if (sampass)
+		return (sampass->private.logon_count);
+	else
+		return 0;
 }
 
 uint32 pdb_get_unknown_6 (const SAM_ACCOUNT *sampass)
@@ -984,14 +992,24 @@ BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state
 	return pdb_set_init_flags(sampass, PDB_UNKNOWN3, flag);
 }
 
-BOOL pdb_set_unknown_5 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
+BOOL pdb_set_bad_password_count(SAM_ACCOUNT *sampass, uint16 bad_password_count, enum pdb_value_state flag)
+{
+	if (!sampass)
+		return False;
+
+	sampass->private.bad_password_count = bad_password_count;
+
+	return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_COUNT, flag);
+}
+
+BOOL pdb_set_logon_count(SAM_ACCOUNT *sampass, uint16 logon_count, enum pdb_value_state flag)
 {
 	if (!sampass)
 		return False;
 
-	sampass->private.unknown_5 = unkn;
+	sampass->private.logon_count = logon_count;
 
-	return pdb_set_init_flags(sampass, PDB_UNKNOWN5, flag);
+	return pdb_set_init_flags(sampass, PDB_LOGON_COUNT, flag);
 }
 
 BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index e00631fb7d..d4de6b2e96 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -422,6 +422,8 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 			smbntpwd[NT_HASH_LEN];
 	uint16 		acct_ctrl = 0, 
 			logon_divs;
+	uint16 		bad_password_count = 0, 
+			logon_count = 0;
 	uint32 hours_len;
 	uint8 		hours[MAX_HOURS_LEN];
 	pstring temp;
@@ -704,7 +706,23 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 	pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
 	
 	/* pdb_set_unknown_3(sampass, unknown3, PDB_SET); */
-	/* pdb_set_unknown_5(sampass, unknown5, PDB_SET); */
+
+	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_BAD_PASSWORD_COUNT), temp)) {
+			/* leave as default */
+	} else {
+		bad_password_count = (uint32) atol(temp);
+		pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
+	}
+
+	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_COUNT), temp)) {
+			/* leave as default */
+	} else {
+		logon_count = (uint32) atol(temp);
+		pdb_set_logon_count(sampass, logon_count, PDB_SET);
+	}
+
 	/* pdb_set_unknown_6(sampass, unknown6, PDB_SET); */
 
 	pdb_set_hours(sampass, hours, PDB_SET);
diff --git a/source3/passdb/pdb_mysql.c b/source3/passdb/pdb_mysql.c
index 6c200be504..460e260ddc 100644
--- a/source3/passdb/pdb_mysql.c
+++ b/source3/passdb/pdb_mysql.c
@@ -49,7 +49,8 @@
 #define CONFIG_UNKNOWN_3_DEFAULT			"unknown_3"
 #define CONFIG_LOGON_DIVS_DEFAULT			"logon_divs"
 #define CONFIG_HOURS_LEN_DEFAULT			"hours_len"
-#define CONFIG_UNKNOWN_5_DEFAULT			"unknown_5"
+#define CONFIG_BAD_PASSWORD_COUNT_DEFAULT		"bad_password_count"
+#define CONFIG_LOGON_COUNT_DEFAULT			"logon_count"
 #define CONFIG_UNKNOWN_6_DEFAULT			"unknown_6"
 #define CONFIG_HOST_DEFAULT				"localhost"
 #define CONFIG_USER_DEFAULT				"samba"
@@ -259,8 +260,9 @@ static NTSTATUS row_to_sam_account(MYSQL_RES * r, SAM_ACCOUNT * u)
 	pdb_set_unknown_3(u, xatol(row[24]), PDB_SET);
 	pdb_set_logon_divs(u, xatol(row[25]), PDB_SET);
 	pdb_set_hours_len(u, xatol(row[26]), PDB_SET);
-	pdb_set_unknown_5(u, xatol(row[27]), PDB_SET);
-	pdb_set_unknown_6(u, xatol(row[28]), PDB_SET);
+	pdb_set_bad_password_count(u, xatol(row[27]), PDB_SET);
+	pdb_set_logon_count(u, xatol(row[28]), PDB_SET);
+	pdb_set_unknown_6(u, xatol(row[29]), PDB_SET);
 
 	return NT_STATUS_OK;
 }
@@ -278,7 +280,7 @@ static NTSTATUS mysqlsam_setsampwent(struct pdb_methods *methods, BOOL update)
 	}
 
 	asprintf(&query,
-			 "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s",
+			 "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s",
 			 config_value_read(data, "logon time column",
 							   CONFIG_LOGON_TIME_DEFAULT),
 			 config_value_read(data, "logoff time column",
@@ -333,8 +335,10 @@ static NTSTATUS mysqlsam_setsampwent(struct pdb_methods *methods, BOOL update)
 							   CONFIG_LOGON_DIVS_DEFAULT),
 			 config_value_read(data, "hours len column",
 							   CONFIG_HOURS_LEN_DEFAULT),
-			 config_value_read(data, "unknown 5 column",
-							   CONFIG_UNKNOWN_5_DEFAULT),
+			 config_value_read(data, "bad_password_count column",
+							   CONFIG_BAD_PASSWORD_COUNT_DEFAULT),
+			 config_value_read(data, "logon_count column",
+							   CONFIG_LOGON_COUNT_DEFAULT),
 			 config_value_read(data, "unknown 6 column",
 							   CONFIG_UNKNOWN_6_DEFAULT),
 			 config_value(data, "table", CONFIG_TABLE_DEFAULT)
diff --git a/source3/passdb/pdb_xml.c b/source3/passdb/pdb_xml.c
index 7af2fdd940..29922bca4f 100644
--- a/source3/passdb/pdb_xml.c
+++ b/source3/passdb/pdb_xml.c
@@ -159,8 +159,13 @@ static BOOL parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT *
 							  atol(xmlNodeListGetString
 								   (doc, cur->xmlChildrenNode, 1)), PDB_SET);
 
-		else if (!strcmp(cur->name, "unknown_5") && cur->ns == ns)
-			pdb_set_unknown_5(u,
+		else if (!strcmp(cur->name, "bad_password_count") && cur->ns == ns)
+			pdb_set_bad_password_count(u,
+							  atol(xmlNodeListGetString
+								   (doc, cur->xmlChildrenNode, 1)), PDB_SET);
+
+		else if (!strcmp(cur->name, "logon_count") && cur->ns == ns)
+			pdb_set_logon_count(u,
 							  atol(xmlNodeListGetString
 								   (doc, cur->xmlChildrenNode, 1)), PDB_SET);
 
@@ -495,7 +500,8 @@ static NTSTATUS xmlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT
 		xmlNewChild(user, data->ns, "hours_len",
 					iota(pdb_get_hours_len(u)));
 
-	xmlNewChild(user, data->ns, "unknown_5", iota(pdb_get_unknown_5(u)));
+	xmlNewChild(user, data->ns, "bad_password_count", iota(pdb_get_bad_password_count(u)));
+	xmlNewChild(user, data->ns, "logon_count", iota(pdb_get_logon_count(u)));
 	xmlNewChild(user, data->ns, "unknown_6", iota(pdb_get_unknown_6(u)));
 	xmlSaveFile(data->location, data->doc);
 
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 1fe9b3231f..420a727765 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -5411,7 +5411,6 @@ static BOOL sam_io_user_info24(const char *desc, SAM_USER_INFO_24 * usr,
  init_sam_user_info23
 
  unknown_3 = 0x09f8 27fa
- unknown_5 = 0x0001 0000
  unknown_6 = 0x0000 04ec 
 
  *************************************************************************/
@@ -5438,7 +5437,8 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time,	/* all z
 			uint32 unknown_3,
 			uint16 logon_divs,
 			LOGON_HRS * hrs,
-			uint32 unknown_5,
+			uint16 bad_password_count,
+			uint16 logon_count,
 			char newpass[516], uint32 unknown_6)
 {
 	int len_user_name = user_name != NULL ? user_name->uni_str_len : 0;
@@ -5487,11 +5487,11 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time,	/* all z
 		usr->passmustchange=0;
 	}
 
-
 	ZERO_STRUCT(usr->padding1);
 	ZERO_STRUCT(usr->padding2);
 
-	usr->unknown_5 = unknown_5;	/* 0x0001 0000 */
+	usr->bad_password_count = bad_password_count;
+	usr->logon_count = logon_count;
 
 	memcpy(usr->pass, newpass, sizeof(usr->pass));
 
@@ -5516,7 +5516,6 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time,	/* all z
  init_sam_user_info23
 
  unknown_3 = 0x09f8 27fa
- unknown_5 = 0x0001 0000
  unknown_6 = 0x0000 04ec 
 
  *************************************************************************/
@@ -5534,7 +5533,7 @@ void init_sam_user_info23A(SAM_USER_INFO_23 * usr, NTTIME * logon_time,	/* all z
 			   char *unk_str, char *mung_dial, uint32 user_rid,	/* 0x0000 0000 */
 			   uint32 group_rid, uint32 acb_info,
 			   uint32 unknown_3, uint16 logon_divs,
-			   LOGON_HRS * hrs, uint32 unknown_5,
+			   LOGON_HRS * hrs, uint16 bad_password_count, uint16 logon_count,
 			   char newpass[516], uint32 unknown_6)
 {
 	int len_user_name = user_name != NULL ? strlen(user_name) : 0;
@@ -5586,7 +5585,8 @@ void init_sam_user_info23A(SAM_USER_INFO_23 * usr, NTTIME * logon_time,	/* all z
 	ZERO_STRUCT(usr->padding1);
 	ZERO_STRUCT(usr->padding2);
 
-	usr->unknown_5 = unknown_5;	/* 0x0001 0000 */
+	usr->bad_password_count = bad_password_count;
+	usr->logon_count = logon_count;
 
 	memcpy(usr->pass, newpass, sizeof(usr->pass));
 
@@ -5678,7 +5678,9 @@ static BOOL sam_io_user_info23(const char *desc, SAM_USER_INFO_23 * usr,
 	if(!prs_uint32("ptr_logon_hrs ", ps, depth, &usr->ptr_logon_hrs))
 		return False;
 
-	if(!prs_uint32("unknown_5     ", ps, depth, &usr->unknown_5))
+	if(!prs_uint16("bad_password_count     ", ps, depth, &usr->bad_password_count))
+		return False;
+	if(!prs_uint16("logon_count     ", ps, depth, &usr->logon_count))
 		return False;
 
 	if(!prs_uint8s(False, "padding1      ", ps, depth, usr->padding1, sizeof(usr->padding1)))
@@ -5865,7 +5867,6 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str
  init_sam_user_info21W
 
  unknown_3 = 0x00ff ffff
- unknown_5 = 0x0002 0000
  unknown_6 = 0x0000 04ec 
 
  *************************************************************************/
@@ -5895,7 +5896,9 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr,
 			   uint32 unknown_3,
 			   uint16 logon_divs,
 			   LOGON_HRS * hrs,
-			   uint32 unknown_5, uint32 unknown_6)
+			   uint16 bad_password_count,
+			   uint16 logon_count,
+			   uint32 unknown_6)
 {
 	int len_user_name = user_name != NULL ? user_name->uni_str_len : 0;
 	int len_full_name = full_name != NULL ? full_name->uni_str_len : 0;
@@ -5936,7 +5939,8 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr,
 
 	usr->logon_divs = logon_divs;	/* should be 168 (hours/week) */
 	usr->ptr_logon_hrs = hrs ? 1 : 0;
-	usr->unknown_5 = unknown_5;	/* 0x0002 0000 */
+	usr->bad_password_count = bad_password_count;
+	usr->logon_count = logon_count;
 
 	if (nt_time_is_zero(pass_must_change_time)) {
 		usr->passmustchange=PASS_MUST_CHANGE_AT_NEXT_LOGON;
@@ -5944,7 +5948,6 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr,
 		usr->passmustchange=0;
 	}
 
-
 	ZERO_STRUCT(usr->padding1);
 	ZERO_STRUCT(usr->padding2);
 
@@ -5969,7 +5972,6 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr,
  init_sam_user_info21
 
  unknown_3 = 0x00ff ffff
- unknown_5 = 0x0002 0000
  unknown_6 = 0x0000 04ec 
 
  *************************************************************************/
@@ -6086,7 +6088,8 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
 
 	usr->logon_divs = pdb_get_logon_divs(pw); 
 	usr->ptr_logon_hrs = pdb_get_hours(pw) ? 1 : 0;
-	usr->unknown_5 = pdb_get_unknown_5(pw); /* 0x0002 0000 */
+	usr->bad_password_count = pdb_get_bad_password_count(pw);
+	usr->logon_count = pdb_get_logon_count(pw);
 
 	if (pdb_get_pass_must_change_time(pw) == 0) {
 		usr->passmustchange=PASS_MUST_CHANGE_AT_NEXT_LOGON;
@@ -6094,7 +6097,6 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
 		usr->passmustchange=0;
 	}
 
-
 	ZERO_STRUCT(usr->padding1);
 	ZERO_STRUCT(usr->padding2);
 
@@ -6192,7 +6194,9 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr,
 	if(!prs_uint32("ptr_logon_hrs ", ps, depth, &usr->ptr_logon_hrs))
 		return False;
 
-	if(!prs_uint32("unknown_5     ", ps, depth, &usr->unknown_5))
+	if(!prs_uint16("bad_password_count     ", ps, depth, &usr->bad_password_count))
+		return False;
+	if(!prs_uint16("logon_count     ", ps, depth, &usr->logon_count))
 		return False;
 
 	if(!prs_uint8s(False, "padding1      ", ps, depth, usr->padding1, sizeof(usr->padding1)))
diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c
index b81c441811..db6649073e 100644
--- a/source3/rpc_server/srv_samr_util.c
+++ b/source3/rpc_server/srv_samr_util.c
@@ -189,7 +189,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
 		pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED);
 	}
 
-	DEBUG(10,("INFO_21 UNKOWN_3: %08X -> %08X\n",pdb_get_unknown_3(to),from->unknown_3));
+	DEBUG(10,("INFO_21 UNKNOWN_3: %08X -> %08X\n",pdb_get_unknown_3(to),from->unknown_3));
 	if (from->unknown_3 != pdb_get_unknown_3(to)) {
 		pdb_set_unknown_3(to, from->unknown_3, PDB_CHANGED);
 	}
@@ -208,12 +208,17 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
 /* Fix me: only update if it changes --metze */
 	pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED);
 
-	DEBUG(10,("INFO_21 UNKOWN_5: %08X -> %08X\n",pdb_get_unknown_5(to),from->unknown_5));
-	if (from->unknown_5 != pdb_get_unknown_5(to)) {
-		pdb_set_unknown_5(to, from->unknown_5, PDB_CHANGED);
+	DEBUG(10,("INFO_21 BAD_PASSWORD_COUNT: %08X -> %08X\n",pdb_get_bad_password_count(to),from->bad_password_count));
+	if (from->bad_password_count != pdb_get_bad_password_count(to)) {
+		pdb_set_bad_password_count(to, from->bad_password_count, PDB_CHANGED);
 	}
 
-	DEBUG(10,("INFO_21 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6));
+	DEBUG(10,("INFO_21 LOGON_COUNT: %08X -> %08X\n",pdb_get_logon_count(to),from->logon_count));
+	if (from->logon_count != pdb_get_logon_count(to)) {
+		pdb_set_logon_count(to, from->logon_count, PDB_CHANGED);
+	}
+
+	DEBUG(10,("INFO_21 UNKNOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6));
 	if (from->unknown_6 != pdb_get_unknown_6(to)) {
 		pdb_set_unknown_6(to, from->unknown_6, PDB_CHANGED);
 	}
@@ -413,9 +418,14 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
 /* Fix me: only update if it changes --metze */
 	pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED);
 
-	DEBUG(10,("INFO_23 UNKOWN_5: %08X -> %08X\n",pdb_get_unknown_5(to),from->unknown_5));
-	if (from->unknown_5 != pdb_get_unknown_5(to)) {
-		pdb_set_unknown_5(to, from->unknown_5, PDB_CHANGED);
+	DEBUG(10,("INFO_23 BAD_PASSWORD_COUNT: %08X -> %08X\n",pdb_get_bad_password_count(to),from->bad_password_count));
+	if (from->bad_password_count != pdb_get_bad_password_count(to)) {
+		pdb_set_bad_password_count(to, from->bad_password_count, PDB_CHANGED);
+	}
+
+	DEBUG(10,("INFO_23 LOGON_COUNT: %08X -> %08X\n",pdb_get_logon_count(to),from->logon_count));
+	if (from->logon_count != pdb_get_logon_count(to)) {
+		pdb_set_logon_count(to, from->logon_count, PDB_CHANGED);
 	}
 
 	DEBUG(10,("INFO_23 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6));
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 722d66621a..34c6fc35ab 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -85,7 +85,8 @@ static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
 	
 	printf("\tunknown_3:\t0x%08x\n", usr->unknown_3); /* 0x00ff ffff */
 	printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
-	printf("\tunknown_5:\t0x%08x\n", usr->unknown_5); /* 0x0002 0000 */
+	printf("\tbad_password_count:\t0x%08x\n", usr->bad_password_count);
+	printf("\tlogon_count:\t0x%08x\n", usr->logon_count);
 	
 	printf("\tpadding1[0..7]...\n");