3 files changed, 0 insertions, 82 deletions

diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 82160bb4f9..286c75c786 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -31,74 +31,8 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
-extern bool global_machine_password_needs_changing;
 static struct named_mutex *mutex;
 
-/*
- * Change machine password (called from main loop
- * idle timeout. Must be done as root.
- */
-
-void attempt_machine_password_change(void)
-{
-	unsigned char trust_passwd_hash[16];
-	time_t lct;
-	void *lock;
-
-	if (!global_machine_password_needs_changing) {
-		return;
-	}
-
-	if (lp_security() != SEC_DOMAIN) {
-		return;
-	}
-
-	/*
-	 * We're in domain level security, and the code that
-	 * read the machine password flagged that the machine
-	 * password needs changing.
-	 */
-
-	/*
-	 * First, open the machine password file with an exclusive lock.
-	 */
-
-	lock = secrets_get_trust_account_lock(NULL, lp_workgroup());
-
-	if (lock == NULL) {
-		DEBUG(0,("attempt_machine_password_change: unable to lock "
-			"the machine account password for machine %s in "
-			"domain %s.\n",
-			lp_netbios_name(), lp_workgroup() ));
-		return;
-	}
-
-	if(!secrets_fetch_trust_account_password(lp_workgroup(),
-			trust_passwd_hash, &lct, NULL)) {
-		DEBUG(0,("attempt_machine_password_change: unable to read the "
-			"machine account password for %s in domain %s.\n",
-			lp_netbios_name(), lp_workgroup()));
-		TALLOC_FREE(lock);
-		return;
-	}
-
-	/*
-	 * Make sure someone else hasn't already done this.
-	 */
-
-	if(time(NULL) < lct + lp_machine_password_timeout()) {
-		global_machine_password_needs_changing = false;
-		TALLOC_FREE(lock);
-		return;
-	}
-
-	/* always just contact the PDC here */
-
-	change_trust_account_password( lp_workgroup(), NULL);
-	global_machine_password_needs_changing = false;
-	TALLOC_FREE(lock);
-}
-
 /**
  * Connect to a remote server for (inter)domain security authenticaion.
  *
diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
index 8aaea10d8c..463de714c1 100644
--- a/source3/passdb/machine_account_secrets.c
+++ b/source3/passdb/machine_account_secrets.c
@@ -33,9 +33,6 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
 
-/* Urrrg. global.... */
-bool global_machine_password_needs_changing;
-
 /**
  * Form a key for fetching the domain sid
  *
@@ -344,14 +341,6 @@ bool secrets_fetch_trust_account_password_legacy(const char *domain,
 		*channel = get_default_sec_channel();
 	}
 
-	/* Test if machine password has expired and needs to be changed */
-	if (lp_machine_password_timeout()) {
-		if (pass->mod_time > 0 && time(NULL) > (pass->mod_time +
-				(time_t)lp_machine_password_timeout())) {
-			global_machine_password_needs_changing = True;
-		}
-	}
-
 	SAFE_FREE(pass);
 	return True;
 }
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index f8757faae0..80b0c1d79b 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -41,8 +41,6 @@
 #include "lib/id_cache.h"
 #include "serverid.h"
 
-extern bool global_machine_password_needs_changing;
-
 /* Internal message queue for deferred opens. */
 struct pending_message_list {
 	struct pending_message_list *next, *prev;
@@ -2581,9 +2579,6 @@ static bool housekeeping_fn(const struct timeval *now, void *private_data)
 	/* check if we need to reload services */
 	check_reload(sconn, time_mono(NULL));
 
-	/* Change machine password if neccessary. */
-	attempt_machine_password_change();
-
         /*
 	 * Force a log file check.
 	 */