From 55ac16ba74602bf96fa63265a1026f62f58c273c Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 5 Jun 2007 23:35:39 +0000
Subject: r23358: Fix from Justin Maggard <jmaggard@infrant.com> - ensure we
 don't expire a password if it's explicitly set as ACB_PWNOTREQ. Jeremy. (This
 used to be commit 2ea5a6bd334e31201aa6f93f5c51e42924d36ebd)

---
 source3/auth/auth_sam.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source3/auth')

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 64556cabd3..b6364a6ca4 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -163,7 +163,7 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_ACCOUNT_EXPIRED;
 	}
 
-	if (!(pdb_get_acct_ctrl(sampass) & ACB_PWNOEXP)) {
+	if (!(pdb_get_acct_ctrl(sampass) & ACB_PWNOEXP) && !(pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ)) {
 		time_t must_change_time = pdb_get_pass_must_change_time(sampass);
 		time_t last_set_time = pdb_get_pass_last_set_time(sampass);
 
-- 
cgit