IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-15 10:51:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

Let DS encode the password, this will allow IPA -> AD password

Browse Source 
synchronization to work again.
This commit is contained in:
Simo Sorce 2008-05-29 14:00:48 -04:00
parent d1322c6517
commit 3f4b182bc4
1 changed files with 4 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
View File

@ -1631,7 +1631,6 @@ static int ipapwd_SetPassword(struct ipapwd_data *data)
struct ntlm_keys ntlm;
int ntlm_flags = 0;
Slapi_Value *sambaSamAccount;
char *userpwd;
krberr = krb5_init_context(&krbctx);
if (krberr) {
@ -1701,15 +1700,10 @@ static int ipapwd_SetPassword(struct ipapwd_data *data)
free(password);
}
/* use the default configured encoding */
userpwd = slapi_encode(data->password, NULL);
if (!userpwd) {
slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", "failed to make userPassword hash\n");
ret = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
slapi_mods_add_string(smods, LDAP_MOD_REPLACE, "userPassword", userpwd);
/* let DS encode the password itself, this allows also other plugins to
* intercept it to perform operations like synchronization with Active
* Directory domains through the replication plugin */
slapi_mods_add_string(smods, LDAP_MOD_REPLACE, "userPassword", data->password);
/* set password history */
pwvals = ipapwd_setPasswordHistory(smods, data);