mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-13 08:56:30 -06:00
Let DS encode the password, this will allow IPA -> AD password
synchronization to work again.
This commit is contained in:
parent
d1322c6517
commit
3f4b182bc4
@ -1631,7 +1631,6 @@ static int ipapwd_SetPassword(struct ipapwd_data *data)
|
|||||||
struct ntlm_keys ntlm;
|
struct ntlm_keys ntlm;
|
||||||
int ntlm_flags = 0;
|
int ntlm_flags = 0;
|
||||||
Slapi_Value *sambaSamAccount;
|
Slapi_Value *sambaSamAccount;
|
||||||
char *userpwd;
|
|
||||||
|
|
||||||
krberr = krb5_init_context(&krbctx);
|
krberr = krb5_init_context(&krbctx);
|
||||||
if (krberr) {
|
if (krberr) {
|
||||||
@ -1701,15 +1700,10 @@ static int ipapwd_SetPassword(struct ipapwd_data *data)
|
|||||||
free(password);
|
free(password);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* use the default configured encoding */
|
/* let DS encode the password itself, this allows also other plugins to
|
||||||
userpwd = slapi_encode(data->password, NULL);
|
* intercept it to perform operations like synchronization with Active
|
||||||
if (!userpwd) {
|
* Directory domains through the replication plugin */
|
||||||
slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", "failed to make userPassword hash\n");
|
slapi_mods_add_string(smods, LDAP_MOD_REPLACE, "userPassword", data->password);
|
||||||
ret = LDAP_OPERATIONS_ERROR;
|
|
||||||
goto free_and_return;
|
|
||||||
}
|
|
||||||
|
|
||||||
slapi_mods_add_string(smods, LDAP_MOD_REPLACE, "userPassword", userpwd);
|
|
||||||
|
|
||||||
/* set password history */
|
/* set password history */
|
||||||
pwvals = ipapwd_setPasswordHistory(smods, data);
|
pwvals = ipapwd_setPasswordHistory(smods, data);
|
||||||
|
Loading…
Reference in New Issue
Block a user