IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

When dealing with samba password set also the sambaPwdLastSet

Browse Source 
This attribute is required for samba to properly identify a user has changed
it's password and doesn't need to change it again at next login.

At the same time, if we are forcing a pssword reset we also need to let samba
know the user must change its password.
This commit is contained in:
Simo Sorce
2010-10-05 18:09:12 -04:00
parent ceb91a3f71
commit 475c064227
2 changed files with 47 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
View File

@@ -351,6 +351,19 @@ static int ipapwd_pre_add(Slapi_PBlock *pb)
slapi_entry_attr_set_charptr(e, "sambaNTPassword", nt);
slapi_ch_free_string(&nt);
}
if (is_smb) {
/* with samba integration we need to also set sambaPwdLastSet or
* samba will decide the user has to change the password again */
if (pwdop->pwdata.changetype == IPA_CHANGETYPE_ADMIN) {
/* if it is an admin change instead we need to let know to
* samba as well that the use rmust change its password */
slapi_entry_attr_set_long(e, "sambaPwdLastset", 0L);
} else {
slapi_entry_attr_set_long(e, "sambaPwdLastset",
(long)pwdop->pwdata.timeNow);
}
}
}
rc = LDAP_SUCCESS;
@@ -736,6 +749,19 @@ static int ipapwd_pre_mod(Slapi_PBlock *pb)
"sambaNTPassword", nt);
slapi_ch_free_string(&nt);
}
if (is_smb) {
/* with samba integration we need to also set sambaPwdLastSet or
* samba will decide the user has to change the password again */
if (pwdop->pwdata.changetype == IPA_CHANGETYPE_ADMIN) {
/* if it is an admin change instead we need to let know to
* samba as well that the use rmust change its password */
slapi_entry_attr_set_long(e, "sambaPwdLastset", 0L);
} else {
slapi_entry_attr_set_long(e, "sambaPwdLastset",
(long)pwdop->pwdata.timeNow);
}
}
}
rc = LDAP_SUCCESS;