From 357998ddbdeb2fae0a30c578e747154fec22c180 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 18 Mar 2004 19:22:51 +0000 Subject: Password lockout for LDAP backend. Caches autolock flag, bad count, and bad time locally, updating the directory only for hitting the policy limit or resetting. This needed to be done at the passdb level rather than auth, because some of the functions need to be supported from tools such as pdbedit. It was done at the LDAP backend level instead of generically after discussion, because of the complexity of inserting it at a higher level. The login cache read/write/delete is outside of the ldap backend, so it could easily be called by other backends. tdbsam won't call it for obvious reasons, and authors of other backends need to decide if they want to implement it. (This used to be commit 2a679cbc87a2a9111e9e6cdebbb62dec0ab3a0c0) --- source3/lib/smbldap.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/lib') diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 2c76e84254..18979e2f76 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -100,6 +100,7 @@ ATTRIB_MAP_ENTRY attrib_map_v30[] = { { LDAP_ATTR_MUNGED_DIAL, "sambaMungedDial" }, { LDAP_ATTR_BAD_PASSWORD_COUNT, "sambaBadPasswordCount" }, { LDAP_ATTR_BAD_PASSWORD_TIME, "sambaBadPasswordTime" }, + { LDAP_ATTR_MOD_TIMESTAMP, "modifyTimestamp" }, { LDAP_ATTR_LIST_END, NULL } }; @@ -1394,3 +1395,4 @@ char *smbldap_get_dn(LDAP *ld, LDAPMessage *entry) ldap_memfree(utf8_dn); return unix_dn; } + -- cgit