4 files changed, 70 insertions, 23 deletions

diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index fa0dd244d2..634ea8fdac 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -1624,29 +1624,6 @@ BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, uint8 *pwd)
 	return True;
 }
 
-/*********************************************************************
- Set the user's PLAINTEXT password.  Used as an interface to the above.
- ********************************************************************/
-
-BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, char *plaintext)
-{
-	uchar new_lanman_p16[16];
-	uchar new_nt_p16[16];
-
-	if (!sampass || !plaintext)
-		return False;
-	
-	nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
-
-	if (!pdb_set_nt_passwd (sampass, new_nt_p16)) 
-		return False;
-
-	if (!pdb_set_lanman_passwd (sampass, new_lanman_p16)) 
-		return False;
-
-	return True;
-}
-
 BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn)
 {
 	if (!sampass)
@@ -1688,3 +1665,57 @@ BOOL pdb_set_hours (SAM_ACCOUNT *sampass, uint8 *hours)
 
 	return True;
 }
+
+
+/* Helpful interfaces to the above */
+
+/*********************************************************************
+ Sets the last changed times and must change times for a normal
+ password change.
+ ********************************************************************/
+
+BOOL pdb_set_pass_changed_now (SAM_ACCOUNT *sampass)
+{
+
+	if (!sampass)
+		return False;
+	
+	if (!pdb_set_pass_last_set_time (sampass, time(NULL)))
+		return False;
+
+	if (!pdb_set_pass_must_change_time (sampass, 
+					    pdb_get_pass_last_set_time(sampass)
+					    + MAX_PASSWORD_AGE))
+		return False;
+	
+	return True;
+}
+
+/*********************************************************************
+ Set the user's PLAINTEXT password.  Used as an interface to the above.
+ Also sets the last change time to NOW.
+ ********************************************************************/
+
+BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext)
+{
+	uchar new_lanman_p16[16];
+	uchar new_nt_p16[16];
+
+	if (!sampass || !plaintext)
+		return False;
+	
+	nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
+
+	if (!pdb_set_nt_passwd (sampass, new_nt_p16)) 
+		return False;
+
+	if (!pdb_set_lanman_passwd (sampass, new_lanman_p16)) 
+		return False;
+	
+	if (!pdb_set_pass_changed_now (sampass))
+		return False;
+
+	return True;
+}
+
+
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 7a7ff09d71..32a0a02e70 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -436,6 +436,12 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
 		return NT_STATUS_NO_MEMORY; 
 	}
  
+	if (!pdb_set_pass_changed_now     (sampass)) {
+		pdb_free_sam(&sampass);
+		/* Not quite sure what this one qualifies as, but this will do */
+		return NT_STATUS_NO_MEMORY; 
+	}
+ 
 	become_root();
 	ret = pdb_update_sam_account (sampass,False);
 	unbecome_root();
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index d9cae42145..7e48d74359 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2288,6 +2288,10 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
 		pdb_free_sam(&pwd);
 		return False;
 	}
+ 	if (!pdb_set_pass_changed_now (pwd)) {
+		pdb_free_sam(&pwd);
+		return False; 
+	}
  
 	if(!pdb_update_sam_account(pwd, True)) {
 		pdb_free_sam(&pwd);
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index d2ee2f46fa..49f87a4ca1 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -682,6 +682,12 @@ BOOL change_lanman_password(SAM_ACCOUNT *sampass, uchar * pass1,
 		return False;	/* We lose the NT hash. Sorry. */
 	}
 
+	if (!pdb_set_pass_changed_now  (sampass)) {
+		pdb_free_sam(&sampass);
+		/* Not quite sure what this one qualifies as, but this will do */
+		return False; 
+	}
+ 
 	/* Now flush the sam_passwd struct to persistent storage */
 	become_root();
 	ret = pdb_update_sam_account (sampass, False);