git.samba.org - garming/samba-autobuild/.git/commit

author	Tim Beale <timbeale@catalyst.net.nz>
	Wed, 18 Apr 2018 22:46:48 +0000 (10:46 +1200)
committer	Garming Sam <garming@samba.org>
	Wed, 23 May 2018 04:55:31 +0000 (06:55 +0200)
commit	3b849f87f7237a3677338075309abb1355a4d9ef
tree	596d305041ed4bfbcb1ea4f8ea431ae9603f1e23	tree
parent	0ac464df4543154ee8a1cbf03684d8b99bcb92b3	commit \| diff

dsdb: Update password_hash to use PSO settings for password changes

Honour the settings in the PSO when changing the password, i.e.
msDS-PasswordComplexityEnabled, msDS-PasswordHistoryLength, etc.

The password_hash code populates dsdb_control_password_change_status's
domain_data with the password settings to use - these are currently
based on the settings for the domain.

Now, if the password_hash code has worked out that a PSO applies to the
user, we override the domain settings with the PSO's values.

This change means the password_settings tests now pass.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

selftest/knownfail.d/password_hash_gpgme	[deleted file]	blob \| history
selftest/knownfail.d/password_settings		diff \| blob \| history
source4/dsdb/samdb/ldb_modules/password_hash.c		diff \| blob \| history