summaryrefslogtreecommitdiff
path: root/source3/utils/pdbedit.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/utils/pdbedit.c')
-rw-r--r--source3/utils/pdbedit.c28
1 files changed, 25 insertions, 3 deletions
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index 83663c52b6..733a1289da 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -48,6 +48,7 @@
#define BIT_IMPORT 0x01000000
#define BIT_EXPORT 0x02000000
#define BIT_FIX_INIT 0x04000000
+#define BIT_BADPWRESET 0x08000000
#define MASK_ALWAYS_GOOD 0x0000001F
#define MASK_USER_GOOD 0x00401F00
@@ -153,6 +154,11 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst
tmp = pdb_get_pass_must_change_time(sam_pwent);
printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0");
+
+ tmp = pdb_get_bad_password_time(sam_pwent);
+ printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0");
+ printf ("Bad password count : %d\n",
+ pdb_get_bad_password_count(sam_pwent));
} else if (smbpwdstyle) {
char lm_passwd[33];
@@ -277,7 +283,8 @@ static int set_user_info (struct pdb_context *in, const char *username,
const char *fullname, const char *homedir,
const char *drive, const char *script,
const char *profile, const char *account_control,
- const char *user_sid, const char *group_sid)
+ const char *user_sid, const char *group_sid,
+ const BOOL badpw)
{
SAM_ACCOUNT *sam_pwent=NULL;
BOOL ret;
@@ -348,6 +355,11 @@ static int set_user_info (struct pdb_context *in, const char *username,
}
pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED);
}
+
+ if (badpw) {
+ pdb_set_bad_password_count(sam_pwent, 0, PDB_CHANGED);
+ pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED);
+ }
if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent)))
print_user_info (in, username, True, False);
@@ -595,6 +607,7 @@ int main (int argc, char **argv)
static char *group_sid = NULL;
static long int account_policy_value = 0;
BOOL account_policy_value_set = False;
+ static BOOL badpw_reset = False;
struct pdb_context *bin;
struct pdb_context *bout;
@@ -625,6 +638,7 @@ int main (int argc, char **argv)
{"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL},
{"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL},
{"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL},
+ {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL},
POPT_COMMON_SAMBA
POPT_TABLEEND
};
@@ -677,7 +691,8 @@ int main (int argc, char **argv)
(account_policy ? BIT_ACCPOLICY : 0) +
(account_policy_value_set ? BIT_ACCPOLVAL : 0) +
(backend_in ? BIT_IMPORT : 0) +
- (backend_out ? BIT_EXPORT : 0);
+ (backend_out ? BIT_EXPORT : 0) +
+ (badpw_reset ? BIT_BADPWRESET : 0);
if (setparms & BIT_BACKEND) {
if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) {
@@ -774,6 +789,12 @@ int main (int argc, char **argv)
/* mask out users options */
checkparms &= ~MASK_USER_GOOD;
+
+ /* if bad password count is reset, we must be modifying */
+ if (checkparms & BIT_BADPWRESET) {
+ checkparms |= BIT_MODIFY;
+ checkparms &= ~BIT_BADPWRESET;
+ }
/* account operation */
if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) {
@@ -810,7 +831,8 @@ int main (int argc, char **argv)
home_drive,
logon_script,
profile_path, account_control,
- user_sid, group_sid);
+ user_sid, group_sid,
+ badpw_reset);
}
}