#define BIT_IMPORT 0x01000000
#define BIT_EXPORT 0x02000000
#define BIT_FIX_INIT 0x04000000
+#define BIT_BADPWRESET 0x08000000
#define MASK_ALWAYS_GOOD 0x0000001F
#define MASK_USER_GOOD 0x00401F00
tmp = pdb_get_pass_must_change_time(sam_pwent);
printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0");
+
+ tmp = pdb_get_bad_password_time(sam_pwent);
+ printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0");
+ printf ("Bad password count : %d\n",
+ pdb_get_bad_password_count(sam_pwent));
} else if (smbpwdstyle) {
char lm_passwd[33];
const char *fullname, const char *homedir,
const char *drive, const char *script,
const char *profile, const char *account_control,
- const char *user_sid, const char *group_sid)
+ const char *user_sid, const char *group_sid,
+ const BOOL badpw)
{
SAM_ACCOUNT *sam_pwent=NULL;
BOOL ret;
}
pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED);
}
+
+ if (badpw) {
+ pdb_set_bad_password_count(sam_pwent, 0, PDB_CHANGED);
+ pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED);
+ }
if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent)))
print_user_info (in, username, True, False);
static char *group_sid = NULL;
static long int account_policy_value = 0;
BOOL account_policy_value_set = False;
+ static BOOL badpw_reset = False;
struct pdb_context *bin;
struct pdb_context *bout;
{"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL},
{"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL},
{"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL},
+ {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL},
POPT_COMMON_SAMBA
POPT_TABLEEND
};
(account_policy ? BIT_ACCPOLICY : 0) +
(account_policy_value_set ? BIT_ACCPOLVAL : 0) +
(backend_in ? BIT_IMPORT : 0) +
- (backend_out ? BIT_EXPORT : 0);
+ (backend_out ? BIT_EXPORT : 0) +
+ (badpw_reset ? BIT_BADPWRESET : 0);
if (setparms & BIT_BACKEND) {
if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) {
/* mask out users options */
checkparms &= ~MASK_USER_GOOD;
+
+ /* if bad password count is reset, we must be modifying */
+ if (checkparms & BIT_BADPWRESET) {
+ checkparms |= BIT_MODIFY;
+ checkparms &= ~BIT_BADPWRESET;
+ }
/* account operation */
if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) {
home_drive,
logon_script,
profile_path, account_control,
- user_sid, group_sid);
+ user_sid, group_sid,
+ badpw_reset);
}
}