From 890d590e5193cc187d4c8dc423afef57048400fa Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Sat, 12 Jun 2010 13:22:54 +0200 Subject: s4:password_hash LDB module - this does really deactivate the MS LAN manager hash Previously, only the conversion from cleartext to the LM hash was deactivated, and not when the user specified it directly through "dBCSPwd". --- source4/dsdb/samdb/ldb_modules/password_hash.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'source4') diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 9db97541f1..94eb9cf9fa 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -1382,8 +1382,7 @@ static int setup_given_passwords(struct setup_password_fields_io *io, g->cleartext_utf16->length); } - if (g->cleartext_utf8 && - lp_lanman_auth(ldb_get_opaque(ldb, "loadparm"))) { + if (g->cleartext_utf8) { struct samr_Password *lm_hash; lm_hash = talloc(io->ac, struct samr_Password); @@ -1435,9 +1434,14 @@ static int setup_password_fields(struct setup_password_fields_io *io) return ret; } - ret = setup_lm_fields(io); - if (ret != LDB_SUCCESS) { - return ret; + if (lp_lanman_auth(ldb_get_opaque(ldb, "loadparm"))) { + ret = setup_lm_fields(io); + if (ret != LDB_SUCCESS) { + return ret; + } + } else { + io->g.lm_hash = NULL; + io->g.lm_history_len = 0; } ret = setup_supplemental_field(io); -- cgit