}
if (is_mod) {
- if (ldb_msg_add_empty(msg, "ntPwdHash", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
+ if (ldb_msg_add_empty(msg, "unicodePwd", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
- if (ldb_msg_add_empty(msg, "lmPwdHash", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
+ if (ldb_msg_add_empty(msg, "dBCSPwd", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
}
/* compute the new nt and lm hashes */
E_md4hash(sambaPassword, tmp_hash.hash);
- if (samdb_msg_add_hash(module->ldb, msg, msg, "ntPwdHash", &tmp_hash) != 0) {
+ if (samdb_msg_add_hash(module->ldb, msg, msg, "unicodePwd", &tmp_hash) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
if (E_deshash(sambaPassword, tmp_hash.hash)) {
- if (samdb_msg_add_hash(module->ldb, msg, msg, "lmPwdHash", &tmp_hash) != 0) {
+ if (samdb_msg_add_hash(module->ldb, msg, msg, "dBCSPwd", &tmp_hash) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
}
key.mkvno = 0;
key.salt = NULL; /* No salt for this enc type */
- ntPwdHash = samdb_result_hash(msg, msg, "ntPwdHash");
+ ntPwdHash = samdb_result_hash(msg, msg, "unicodePwd");
if (ntPwdHash == NULL) { /* what happened ?! */
return LDB_ERR_OPERATIONS_ERROR;
}
int lm_hist_len;
int i;
- nt_hash = samdb_result_hash(msg, old_msg, "ntPwdHash");
- lm_hash = samdb_result_hash(msg, old_msg, "lmPwdHash");
+ nt_hash = samdb_result_hash(msg, old_msg, "unicodePwd");
+ lm_hash = samdb_result_hash(msg, old_msg, "dBCSPwd");
/* if no previous passwords just return */
if (nt_hash == NULL && lm_hash == NULL) return LDB_SUCCESS;
- nt_hist_len = samdb_result_hashes(msg, old_msg, "sambaNTPwdHistory", &nt_history);
- lm_hist_len = samdb_result_hashes(msg, old_msg, "sambaLMPwdHistory", &lm_history);
+ nt_hist_len = samdb_result_hashes(msg, old_msg, "ntPwdHistory", &nt_history);
+ lm_hist_len = samdb_result_hashes(msg, old_msg, "lmPwdHistory", &lm_history);
/* We might not have an old NT password */
new_nt_history = talloc_array(msg, struct samr_Password, hlen);
} else {
ZERO_STRUCT(new_nt_history[0]);
}
- if (ldb_msg_add_empty(msg, "sambaNTPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
+ if (ldb_msg_add_empty(msg, "ntPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
- if (samdb_msg_add_hashes(msg, msg, "sambaNTPwdHistory", new_nt_history, nt_hist_len) != LDB_SUCCESS) {
+ if (samdb_msg_add_hashes(msg, msg, "ntPwdHistory", new_nt_history, nt_hist_len) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
} else {
ZERO_STRUCT(new_lm_history[0]);
}
- if (ldb_msg_add_empty(msg, "sambaLMPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
+ if (ldb_msg_add_empty(msg, "lmPwdHistory", LDB_FLAG_MOD_REPLACE, NULL) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
- if (samdb_msg_add_hashes(msg, msg, "sambaLMPwdHistory", new_lm_history, lm_hist_len) != LDB_SUCCESS) {
+ if (samdb_msg_add_hashes(msg, msg, "lmPwdHistory", new_lm_history, lm_hist_len) != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
}
/* nobody must touch password Histories */
- if (ldb_msg_find_element(req->op.add.message, "sambaNTPwdHistory") ||
- ldb_msg_find_element(req->op.add.message, "sambaLMPwdHistory")) {
+ if (ldb_msg_find_element(req->op.add.message, "ntPwdHistory") ||
+ ldb_msg_find_element(req->op.add.message, "lmPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
* or LM hashes, then we don't need to make any changes. */
sambaAttr = ldb_msg_find_element(req->op.mod.message, "sambaPassword");
- ntAttr = ldb_msg_find_element(req->op.mod.message, "ntPwdHash");
- lmAttr = ldb_msg_find_element(req->op.mod.message, "lmPwdHash");
+ ntAttr = ldb_msg_find_element(req->op.mod.message, "unicodePwd");
+ lmAttr = ldb_msg_find_element(req->op.mod.message, "dBCSPwd");
if ((!sambaAttr) && (!ntAttr) && (!lmAttr)) {
return ldb_next_request(module, req);
}
/* nobody must touch password Histories */
- if (ldb_msg_find_element(req->op.mod.message, "sambaNTPwdHistory") ||
- ldb_msg_find_element(req->op.mod.message, "sambaLMPwdHistory")) {
+ if (ldb_msg_find_element(req->op.mod.message, "ntPwdHistory") ||
+ ldb_msg_find_element(req->op.mod.message, "lmPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
sambaAttr = ldb_msg_find_element(req->op.mod.message, "sambaPassword");
- ntAttr = ldb_msg_find_element(req->op.mod.message, "ntPwdHash");
- lmAttr = ldb_msg_find_element(req->op.mod.message, "lmPwdHash");
+ ntAttr = ldb_msg_find_element(req->op.mod.message, "unicodePwd");
+ lmAttr = ldb_msg_find_element(req->op.mod.message, "dBCSPwd");
/* check passwords are single valued here */
/* TODO: remove this when passwords will be single valued in schema */
/* - remove any imodification to the password from the first commit
* we will make the real modification later */
if (sambaAttr) ldb_msg_remove_attr(msg, "sambaPassword");
- if (ntAttr) ldb_msg_remove_attr(msg, "ntPwdHash");
- if (lmAttr) ldb_msg_remove_attr(msg, "lmPwdHash");
+ if (ntAttr) ldb_msg_remove_attr(msg, "unicodePwd");
+ if (lmAttr) ldb_msg_remove_attr(msg, "dBCSPwd");
/* if there was nothing else to be modify skip to next step */
if (msg->num_elements == 0) {
static int password_hash_mod_search_self(struct ldb_handle *h) {
struct ph_context *ac;
- static const char * const attrs[] = { "userAccountControl", "sambaLMPwdHistory",
- "sambaNTPwdHistory",
+ static const char * const attrs[] = { "userAccountControl", "lmPwdHistory",
+ "ntPwdHistory",
"objectSid", "msDS-KeyVersionNumber",
"objectClass", "userPrincipalName",
"samAccountName",
- "lmPwdHash", "ntPwdHash",
+ "dBCSPwd", "unicodePwd",
NULL };
ac = talloc_get_type(h->private_data, struct ph_context);
if (!added_hashes) {
struct ldb_message_element *el;
- el = ldb_msg_find_element(ac->orig_req->op.mod.message, "ntPwdHash");
+ el = ldb_msg_find_element(ac->orig_req->op.mod.message, "unicodePwd");
if (ldb_msg_add(msg, el, el->flags) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
- el = ldb_msg_find_element(ac->orig_req->op.mod.message, "lmPwdHash");
+ el = ldb_msg_find_element(ac->orig_req->op.mod.message, "dBCSPwd");
if (ldb_msg_add(msg, el, el->flags) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
struct samr_Password *lmPwdHash, *ntPwdHash;
if (nt_pwd) {
int num_nt;
- num_nt = samdb_result_hashes(mem_ctx, msg, "ntPwdHash", &ntPwdHash);
+ num_nt = samdb_result_hashes(mem_ctx, msg, "unicodePwd", &ntPwdHash);
if (num_nt == 0) {
*nt_pwd = NULL;
} else if (num_nt > 1) {
}
if (lm_pwd) {
int num_lm;
- num_lm = samdb_result_hashes(mem_ctx, msg, "lmPwdHash", &lmPwdHash);
+ num_lm = samdb_result_hashes(mem_ctx, msg, "dBCSPwd", &lmPwdHash);
if (num_lm == 0) {
*lm_pwd = NULL;
} else if (num_lm > 1) {
enum samr_RejectReason *reject_reason,
struct samr_DomInfo1 **_dominfo)
{
- const char * const user_attrs[] = { "userAccountControl", "sambaLMPwdHistory",
- "sambaNTPwdHistory",
- "lmPwdHash", "ntPwdHash",
+ const char * const user_attrs[] = { "userAccountControl", "lmPwdHistory",
+ "ntPwdHistory",
+ "dBCSPwd", "unicodePwd",
"objectSid",
"pwdLastSet", NULL };
const char * const domain_attrs[] = { "pwdProperties", "pwdHistoryLength",
}
userAccountControl = samdb_result_uint(res[0], "userAccountControl", 0);
sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "sambaLMPwdHistory", &sambaLMPwdHistory);
+ "lmPwdHistory", &sambaLMPwdHistory);
sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "sambaNTPwdHistory", &sambaNTPwdHistory);
- lmPwdHash = samdb_result_hash(mem_ctx, res[0], "lmPwdHash");
- ntPwdHash = samdb_result_hash(mem_ctx, res[0], "ntPwdHash");
+ "ntPwdHistory", &sambaNTPwdHistory);
+ lmPwdHash = samdb_result_hash(mem_ctx, res[0], "dBCSPwd");
+ ntPwdHash = samdb_result_hash(mem_ctx, res[0], "unicodePwd");
pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0);
if (domain_dn) {
CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "sambaPassword"));
if (lmNewHash) {
- CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "lmPwdHash", lmNewHash));
+ CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "dBCSPwd", lmNewHash));
} else {
- CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "lmPwdHash"));
+ CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "dBCSPwd"));
}
if (ntNewHash) {
- CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "ntPwdHash", ntNewHash));
+ CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "unicodePwd", ntNewHash));
} else {
- CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "ntPwdHash"));
+ CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "unicodePwd"));
}
}