if (!io->ac->pwd_reset && !io->ac->change_old_pw_checked) {
bool nt_hash_checked = false;
- /* we need to old nt or lm hash given by the client */
+ /* we need the old nt or lm hash given by the client */
if (!io->og.nt_hash && !io->og.lm_hash) {
ldb_asprintf_errstring(ldb,
"check_password_restrictions: "
return LDB_ERR_UNWILLING_TO_PERFORM;
}
- /* refuse the change if someone wants to compare against both
- * hashes at the same time for a "password modify" operation... */
- if (io->og.nt_hash && io->og.lm_hash) {
- ldb_asprintf_errstring(ldb,
- "setup_io: "
- "it's only allowed to provide the old password in hash format as 'unicodePwd' or as 'dBCSPwd'");
- return LDB_ERR_UNWILLING_TO_PERFORM;
- }
-
/* Decides if we have a password modify or password reset operation */
if (ac->req->operation == LDB_ADD) {
/* On "add" we have only "password reset" */