From 8557c692f613847d190891b6d79498f4e8fb9096 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 1 Sep 2012 11:34:33 +1000 Subject: s4-kdc: Improve grammer and clarity of password change failure messages. This can still be improved further, but avoid mentioning reasons that clearly do not apply in this case. Andrew Bartlett --- source4/kdc/kpasswdd.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source4') diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c index c05ea82318..5558794df0 100644 --- a/source4/kdc/kpasswdd.c +++ b/source4/kdc/kpasswdd.c @@ -112,19 +112,18 @@ static bool kpasswd_make_pwchange_reply(struct kdc_server *kdc, const char *reject_string; switch (reject_reason) { case SAM_PWD_CHANGE_PASSWORD_TOO_SHORT: - reject_string = talloc_asprintf(mem_ctx, "Password too short, password must be at least %d characters long", + reject_string = talloc_asprintf(mem_ctx, "Password too short, password must be at least %d characters long.", dominfo->min_password_length); break; case SAM_PWD_CHANGE_NOT_COMPLEX: reject_string = "Password does not meet complexity requirements"; break; case SAM_PWD_CHANGE_PWD_IN_HISTORY: - reject_string = talloc_asprintf(mem_ctx, "Password is already in password history, cannot match any of your %d passwords", + reject_string = talloc_asprintf(mem_ctx, "Password is already in password history. New password must not match any of your %d previous passwords.", dominfo->password_history_length); break; default: - reject_string = talloc_asprintf(mem_ctx, "Password must be at least %d characters long, and cannot match any of your %d previous passwords", - dominfo->min_password_length, dominfo->password_history_length); + reject_string = "Password change rejected, password changes may not be permitted on this account, or the minimum password age may not have elapsed."; break; } return kpasswdd_make_error_reply(kdc, mem_ctx, -- cgit