************************************************************/
NTSTATUS check_password_complexity(const char *username,
+ const char *fullname,
const char *password,
enum samPwdChangeReason *samr_reject_reason)
{
return NT_STATUS_PASSWORD_RESTRICTION;
}
+ check_ret = setenv("SAMBA_CPS_ACCOUNT_NAME", username, 1);
+ if (check_ret != 0) {
+ return map_nt_error_from_unix_common(errno);
+ }
+ unsetenv("SAMBA_CPS_USER_PRINCIPAL_NAME");
+ if (fullname != NULL) {
+ check_ret = setenv("SAMBA_CPS_FULL_NAME", fullname, 1);
+ } else {
+ unsetenv("SAMBA_CPS_FULL_NAME");
+ }
+ if (check_ret != 0) {
+ return map_nt_error_from_unix_common(errno);
+ }
check_ret = smbrunsecret(cmd, password);
+ unsetenv("SAMBA_CPS_ACCOUNT_NAME");
+ unsetenv("SAMBA_CPS_USER_PRINCIPAL_NAME");
+ unsetenv("SAMBA_CPS_FULL_NAME");
DEBUG(5,("check_password_complexity: check password script (%s) "
"returned [%d]\n", cmd, check_ret));
TALLOC_FREE(cmd);
TALLOC_CTX *tosctx = talloc_tos();
struct passwd *pass = NULL;
const char *username = pdb_get_username(hnd);
+ const char *fullname = pdb_get_fullname(hnd);
time_t can_change_time = pdb_get_pass_can_change_time(hnd);
NTSTATUS status;
return NT_STATUS_ACCESS_DENIED;
}
- status = check_password_complexity(username, new_passwd, samr_reject_reason);
+ status = check_password_complexity(username,
+ fullname,
+ new_passwd,
+ samr_reject_reason);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(pass);
return status;
}
if (dom_pw_info->password_properties & DOMAIN_PASSWORD_COMPLEX) {
status = check_password_complexity(req->account.string,
+ NULL, /* full_name */
req->password.string,
NULL);
if (!NT_STATUS_IS_OK(status)) {
}
if (dom_pw_info->password_properties & DOMAIN_PASSWORD_COMPLEX) {
status = check_password_complexity(req->account.string,
+ NULL, /* full_name */
req->password.string,
NULL);
if (!NT_STATUS_IS_OK(status)) {