From ba706d696b8fb14b8d449cd198d982eef18e4320 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 18 Aug 2010 18:16:24 +0200 Subject: s3: Remove smb_pam_accountcheck from the auth modules We go through the same check in auth/auth.c line 287 after the module has done its job. So we don't have to do that check twice. --- source3/auth/auth_domain.c | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) (limited to 'source3/auth/auth_domain.c') diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 445aff51bb..cac482c3d0 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -342,22 +342,9 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, if (NT_STATUS_IS_OK(nt_status)) { (*server_info)->nss_token |= user_info->was_mapped; - - if ( ! (*server_info)->guest) { - /* if a real user check pam account restrictions */ - /* only really perfomed if "obey pam restriction" is true */ - nt_status = smb_pam_accountcheck((*server_info)->unix_name); - if ( !NT_STATUS_IS_OK(nt_status)) { - DEBUG(1, ("PAM account restriction prevents user login\n")); - cli_shutdown(cli); - TALLOC_FREE(info3); - return nt_status; - } - } + netsamlogon_cache_store(user_info->client.account_name, info3); + TALLOC_FREE(info3); } - - netsamlogon_cache_store(user_info->client.account_name, info3); - TALLOC_FREE(info3); } /* Note - once the cli stream is shutdown the mem_ctx used -- cgit