enum samPwdChangeReason *samr_reject_reason)
{
TALLOC_CTX *tosctx = talloc_tos();
+ const struct loadparm_substitution *lp_sub =
+ loadparm_s3_global_substitution();
int check_ret;
char *cmd;
/* Use external script to check password complexity */
- if ((lp_check_password_script(tosctx) == NULL)
- || (*(lp_check_password_script(tosctx)) == '\0')) {
+ if ((lp_check_password_script(tosctx, lp_sub) == NULL)
+ || (*(lp_check_password_script(tosctx, lp_sub)) == '\0')){
return NT_STATUS_OK;
}
- cmd = talloc_string_sub(tosctx, lp_check_password_script(tosctx), "%u",
+ cmd = talloc_string_sub(tosctx, lp_check_password_script(tosctx, lp_sub), "%u",
username);
if (!cmd) {
return NT_STATUS_PASSWORD_RESTRICTION;
NTSTATUS _samr_GetUserPwInfo(struct pipes_struct *p,
struct samr_GetUserPwInfo *r)
{
+ const struct loadparm_substitution *lp_sub =
+ loadparm_s3_global_substitution();
struct samr_user_info *uinfo;
enum lsa_SidType sid_type;
uint32_t min_password_length = 0;
&password_properties);
unbecome_root();
- if (lp_check_password_script(talloc_tos())
- && *lp_check_password_script(talloc_tos())) {
+ if (lp_check_password_script(talloc_tos(), lp_sub)
+ && *lp_check_password_script(talloc_tos(), lp_sub)) {
password_properties |= DOMAIN_PASSWORD_COMPLEX;
}
enum samPwdChangeReason reject_reason;
struct samr_DomInfo1 *dominfo = NULL;
struct userPwdChangeFailureInformation *reject = NULL;
+ const struct loadparm_substitution *lp_sub =
+ loadparm_s3_global_substitution();
uint32_t tmp;
char *rhost;
unix_to_nt_time_abs((NTTIME *)&dominfo->max_password_age, u_expire);
unix_to_nt_time_abs((NTTIME *)&dominfo->min_password_age, u_min_age);
- if (lp_check_password_script(talloc_tos())
- && *lp_check_password_script(talloc_tos())) {
+ if (lp_check_password_script(talloc_tos(), lp_sub)
+ && *lp_check_password_script(talloc_tos(), lp_sub)) {
dominfo->password_properties |= DOMAIN_PASSWORD_COMPLEX;
}
static NTSTATUS query_dom_info_1(TALLOC_CTX *mem_ctx,
struct samr_DomInfo1 *r)
{
+ const struct loadparm_substitution *lp_sub =
+ loadparm_s3_global_substitution();
uint32_t account_policy_temp;
time_t u_expire, u_min_age;
unix_to_nt_time_abs((NTTIME *)&r->max_password_age, u_expire);
unix_to_nt_time_abs((NTTIME *)&r->min_password_age, u_min_age);
- if (lp_check_password_script(talloc_tos()) && *lp_check_password_script(talloc_tos())) {
+ if (lp_check_password_script(talloc_tos(), lp_sub) && *lp_check_password_script(talloc_tos(), lp_sub)){
r->password_properties |= DOMAIN_PASSWORD_COMPLEX;
}
NTSTATUS _samr_GetDomPwInfo(struct pipes_struct *p,
struct samr_GetDomPwInfo *r)
{
+ const struct loadparm_substitution *lp_sub =
+ loadparm_s3_global_substitution();
uint32_t min_password_length = 0;
uint32_t password_properties = 0;
&password_properties);
unbecome_root();
- if (lp_check_password_script(talloc_tos()) && *lp_check_password_script(talloc_tos())) {
+ if (lp_check_password_script(talloc_tos(), lp_sub) && *lp_check_password_script(talloc_tos(), lp_sub)) {
password_properties |= DOMAIN_PASSWORD_COMPLEX;
}
const uint32_t pwdProperties,
const uint32_t minPwdLength)
{
+ const struct loadparm_substitution *lp_sub =
+ lpcfg_noop_substitution();
char *password_script = NULL;
const char *utf8_pw = (const char *)utf8_blob->data;
return SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
}
- password_script = lpcfg_check_password_script(lp_ctx, mem_ctx);
+ password_script = lpcfg_check_password_script(lp_ctx, lp_sub, mem_ctx);
if (password_script != NULL && *password_script != '\0') {
int check_ret = 0;
int error = 0;