From 44dd648a646e58ad69f250dcd23fe56d7885efd2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jan 2002 11:57:11 +0000 Subject: Change the order of this a bit - as unix password change can fail. This due for abstraction into chgpasswd.c shortly. Andrew Bartlett (This used to be commit 635942ae21793136814a84b1d344f411a5d6e242) --- source3/smbd/lanman.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'source3/smbd') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d755bb42f8..f6ebbc82ad 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1951,29 +1951,30 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param auth_serversupplied_info *server_info = NULL; DATA_BLOB password = data_blob(pass1, strlen(pass1)+1); if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { - if (change_oem_password(server_info->sam_account,pass2)) - { - SSVAL(*rparam,0,NERR_Success); - } - + /* * If unix password sync was requested, attempt to change - * the /etc/passwd database also. Return failure if this cannot + * the /etc/passwd database first. Return failure if this cannot * be done. * - * This occours regardless of the previous result, becouse - * It might not have been testing the password against the SAM backend. - * (and therefore the change_oem_password would fail). + * This occurs before the oem change, becouse we don't want to + * update it if chgpasswd failed. * * Conditional on lp_unix_password_sync() becouse we don't want * to touch the unix db unless we have admin permission. */ - if(lp_unix_password_sync() && !chgpasswd(pdb_get_username(server_info->sam_account), - pass1,pass2,False)) { + if(lp_unix_password_sync() && IS_SAM_UNIX_USER(server->sam_account) + && !chgpasswd(pdb_get_username(server_info->sam_account), + pass1,pass2,False)) { SSVAL(*rparam,0,NERR_badpass); } + if (change_oem_password(server_info->sam_account,pass2)) + { + SSVAL(*rparam,0,NERR_Success); + } + free_server_info(&server_info); } data_blob_clear_free(&password); -- cgit