git.samba.org / bbaumbach / samba-autobuild / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4920d21)
Nice *big* patch from metze.
authorAndrew Bartlett <abartlet@samba.org>
Sat, 12 Oct 2002 03:38:07 +0000 (03:38 +0000)
committerAndrew Bartlett <abartlet@samba.org>
Sat, 12 Oct 2002 03:38:07 +0000 (03:38 +0000)
The actual design change is relitivly small however:

It all goes back to jerry's 'BOOL store', added to many of the elements in a
SAM_ACCOUNT.  This ensured that smb.conf defaults did not get 'fixed' into
ldap.  This was a great win for admins, and this patch follows in the same way.

This patch extends the concept - we don't store values back into LDAP unless
they have been changed.  So if we read a value, but don't update it, or we
read a value, find it's not there and use a default, we will not update
ldap with that value.  This reduced clutter in our LDAP DB, and makes it
easier to change defaults later on.

Metze's particular problem was that when we 'write back' an unchanged value,
we would clear any muliple values in that feild.  Now he can still have his
mulitivalued 'uid' feild, without Samba changing it for *every* other
operation.

This also applies to many other attributes, and helps to eliminate a nasty
race condition.  (Time between get and set)

This patch is big, and needs more testing, but metze has tested usrmgr, and
I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly
flawed ;-).

The same system will be introduced into the SAM code shortly, but this fixes
bugs that people were coming across in production uses of Samba 3.0/HEAD, hence
it's inclusion here.

Andrew Bartlett
(This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)

20 files changed:
source3/auth/auth_unix.c patch | blob | history
source3/auth/auth_util.c patch | blob | history
source3/include/passdb.h patch | blob | history
source3/include/smb.h patch | blob | history
source3/lib/bitmap.c patch | blob | history
source3/passdb/passdb.c patch | blob | history
source3/passdb/pdb_compat.c patch | blob | history
source3/passdb/pdb_get_set.c patch | blob | history
source3/passdb/pdb_ldap.c patch | blob | history
source3/passdb/pdb_nisplus.c patch | blob | history
source3/passdb/pdb_smbpasswd.c patch | blob | history
source3/passdb/pdb_tdb.c patch | blob | history
source3/rpc_parse/parse_samr.c patch | blob | history
source3/rpc_server/srv_netlog_nt.c patch | blob | history
source3/rpc_server/srv_samr_nt.c patch | blob | history
source3/rpc_server/srv_samr_util.c patch | blob | history
source3/smbd/chgpasswd.c patch | blob | history
source3/smbd/password.c patch | blob | history
source3/utils/net_rpc_samsync.c patch | blob | history
source3/utils/pdbedit.c patch | blob | history

diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index 6f4b3f8b15bb95ac98161f45ce470ba39af4fc7e..1251432b871462ebb187ea8991e54f85761fda10 100644 (file)
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -49,7 +49,7 @@ static BOOL update_smbpassword_file(const char *user, const char *password)
         * Remove the account disabled flag - we are updating the
         * users password from a login.
         */
-       if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED)) {
+       if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED, PDB_CHANGED)) {
                pdb_free_sam(&sampass);
                return False;
        }
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index ce5fd32337b0891217130c1083c1f5b31ed8f1b1..b14344ef50f4fe2103c1ea32d8a72271f300b886 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -931,47 +931,47 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
                return nt_status;
        }
                
-       if (!pdb_set_user_sid(sam_account, &user_sid)) {
+       if (!pdb_set_user_sid(sam_account, &user_sid, PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_UNSUCCESSFUL;
        }
 
-       if (!pdb_set_group_sid(sam_account, &group_sid)) {
+       if (!pdb_set_group_sid(sam_account, &group_sid, PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_UNSUCCESSFUL;
        }
                
-       if (!pdb_set_nt_username(sam_account, nt_username)) {
+       if (!pdb_set_nt_username(sam_account, nt_username, PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_NO_MEMORY;
        }
 
-       if (!pdb_set_domain(sam_account, nt_domain)) {
+       if (!pdb_set_domain(sam_account, nt_domain, PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_NO_MEMORY;
        }
 
-       if (!pdb_set_fullname(sam_account, pdb_unistr2_convert(&(info3->uni_full_name)))) {
+       if (!pdb_set_fullname(sam_account, pdb_unistr2_convert(&(info3->uni_full_name)), PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_NO_MEMORY;
        }
 
-       if (!pdb_set_logon_script(sam_account, pdb_unistr2_convert(&(info3->uni_logon_script)), True)) {
+       if (!pdb_set_logon_script(sam_account, pdb_unistr2_convert(&(info3->uni_logon_script)), PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_NO_MEMORY;
        }
 
-       if (!pdb_set_profile_path(sam_account, pdb_unistr2_convert(&(info3->uni_profile_path)), True)) {
+       if (!pdb_set_profile_path(sam_account, pdb_unistr2_convert(&(info3->uni_profile_path)), PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_NO_MEMORY;
        }
 
-       if (!pdb_set_homedir(sam_account, pdb_unistr2_convert(&(info3->uni_home_dir)), True)) {
+       if (!pdb_set_homedir(sam_account, pdb_unistr2_convert(&(info3->uni_home_dir)), PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_NO_MEMORY;
        }
 
-       if (!pdb_set_dir_drive(sam_account, pdb_unistr2_convert(&(info3->uni_dir_drive)), True)) {
+       if (!pdb_set_dir_drive(sam_account, pdb_unistr2_convert(&(info3->uni_dir_drive)), PDB_CHANGED)) {
                pdb_free_sam(&sam_account);
                return NT_STATUS_NO_MEMORY;
        }
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 0c694987fe5292269baabdbcc9f81a2bd6824d14..32f416de4a07a7961d8428ada805ca788352fe09 100644 (file)
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -32,7 +32,7 @@
  * this SAMBA will load. Increment this if *ANY* changes are made to the interface. 
  */
 
-#define PASSDB_INTERFACE_VERSION 2
+#define PASSDB_INTERFACE_VERSION 3
 
 /* use this inside a passdb module */
 #define PDB_MODULE_VERSIONING_MAGIC \
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 822f2485dd5981f2db06020a5a142f83dbcc2e8d..da83aaff47f71e82da9fa62abbcafc3a9f87421d 100644 (file)
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -569,25 +569,59 @@ typedef struct {
 /*
  * bit flags representing initialized fields in SAM_ACCOUNT
  */
-#define FLAG_SAM_UNINIT                0x00000000
-#define FLAG_SAM_UID           0x00000001
-#define FLAG_SAM_GID           0x00000002
-#define FLAG_SAM_SMBHOME       0x00000004
-#define FLAG_SAM_PROFILE       0x00000008
-#define FLAG_SAM_DRIVE          0x00000010
-#define FLAG_SAM_LOGONSCRIPT   0x00000020
-#define FLAG_SAM_LOGONTIME     0x00000040
-#define FLAG_SAM_LOGOFFTIME    0x00000080
-#define FLAG_SAM_KICKOFFTIME   0x00000100
-#define FLAG_SAM_CANCHANGETIME 0x00000200
-#define FLAG_SAM_MUSTCHANGETIME        0x00000400
-#define FLAG_SAM_PLAINTEXT_PW   0x00000800
+enum pdb_elements {
+       PDB_UNINIT,
+       PDB_UID,
+       PDB_GID,
+       PDB_SMBHOME,
+       PDB_PROFILE,
+       PDB_DRIVE,
+       PDB_LOGONSCRIPT,
+       PDB_LOGONTIME,
+       PDB_LOGOFFTIME,
+       PDB_KICKOFFTIME,
+       PDB_CANCHANGETIME,
+       PDB_MUSTCHANGETIME,
+       PDB_PLAINTEXT_PW,
+       PDB_USERNAME,
+       PDB_FULLNAME,
+       PDB_DOMAIN,
+       PDB_NTUSERNAME,
+       PDB_HOURSLEN,
+       PDB_LOGONDIVS,
+       PDB_USERSID,
+       PDB_GROUPSID,
+       PDB_ACCTCTRL,
+       PDB_PASSLASTSET,
+       PDB_UNIXHOMEDIR,
+       PDB_ACCTDESC,
+       PDB_WORKSTATIONS,
+       PDB_UNKNOWNSTR,
+       PDB_MUNGEDDIAL,
+       PDB_HOURS,
+       PDB_UNKNOWN3,
+       PDB_UNKNOWN5,
+       PDB_UNKNOWN6,
+       PDB_LMPASSWD,
+       PDB_NTPASSWD,
+
+       /* this must be the last element */
+       PDB_COUNT,
+};
+
+enum pdb_value_state {
+       PDB_DEFAULT=0,
+       PDB_SET,
+       PDB_CHANGED
+};
 
 #define IS_SAM_UNIX_USER(x) \
-       ((pdb_get_init_flag(x) & FLAG_SAM_UID) \
-        && (pdb_get_init_flag(x) & FLAG_SAM_GID))
+       (( pdb_get_init_flags(x, PDB_UID) != PDB_DEFAULT ) \
+        && ( pdb_get_init_flags(x,PDB_GID) != PDB_DEFAULT ))
 
-#define IS_SAM_SET(x, flag)    ((x)->private.init_flag & (flag))
+#define IS_SAM_SET(x, flag)    (pdb_get_init_flags(x, flag) == PDB_SET)
+#define IS_SAM_CHANGED(x, flag)        (pdb_get_init_flags(x, flag) == PDB_CHANGED)
+#define IS_SAM_DEFAULT(x, flag)        (pdb_get_init_flags(x, flag) == PDB_DEFAULT)
                
 typedef struct sam_passwd
 {
@@ -599,8 +633,9 @@ typedef struct sam_passwd
 
        struct user_data {
                /* initiailization flags */
-               uint32 init_flag;
-               
+               struct bitmap *change_flags;
+               struct bitmap *set_flags;
+
                time_t logon_time;            /* logon time */
                time_t logoff_time;           /* logoff time */
                time_t kickoff_time;          /* kickoff time */
diff --git a/source3/lib/bitmap.c b/source3/lib/bitmap.c
index 8121c38bd5b1b0baa788b89faf7674b72f30bd82..26d21d085f685111ed804cc6c3deb6852f4b8139 100644 (file)
--- a/source3/lib/bitmap.c
+++ b/source3/lib/bitmap.c
@@ -59,6 +59,30 @@ void bitmap_free(struct bitmap *bm)
        SAFE_FREE(bm);
 }
 
+/****************************************************************************
+talloc a bitmap
+****************************************************************************/
+struct bitmap *bitmap_talloc(TALLOC_CTX *mem_ctx, int n)
+{
+       struct bitmap *bm;
+
+       if (!mem_ctx) return NULL;
+
+       bm = (struct bitmap *)talloc(mem_ctx, sizeof(*bm));
+
+       if (!bm) return NULL;
+       
+       bm->n = n;
+       bm->b = (uint32 *)talloc(mem_ctx, sizeof(bm->b[0])*(n+31)/32);
+       if (!bm->b) {
+               return NULL;
+       }
+
+       memset(bm->b, 0, sizeof(bm->b[0])*(n+31)/32);
+
+       return bm;
+}
+
 /****************************************************************************
 set a bit in a bitmap
 ****************************************************************************/
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 2d8ea858aa411e35ea4506c6d1817986e3569724..9402f0c94c83aae447729b636eb279809a111a96 100644 (file)
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -45,7 +45,6 @@ static void pdb_fill_default_sam(SAM_ACCOUNT *user)
         /* Don't change these timestamp settings without a good reason.
            They are important for NT member server compatibility. */
 
-       user->private.init_flag             = FLAG_SAM_UNINIT;
        user->private.uid = user->private.gid       = -1;
 
        user->private.logon_time            = (time_t)0;
@@ -177,15 +176,15 @@ NTSTATUS pdb_fill_sam_pw(SAM_ACCOUNT *sam_account, const struct passwd *pwd)
 
        pdb_fill_default_sam(sam_account);
 
-       pdb_set_username(sam_account, pwd->pw_name);
-       pdb_set_fullname(sam_account, pwd->pw_gecos);
+       pdb_set_username(sam_account, pwd->pw_name, PDB_SET);
+       pdb_set_fullname(sam_account, pwd->pw_gecos, PDB_SET);
 
-       pdb_set_unix_homedir(sam_account, pwd->pw_dir);
+       pdb_set_unix_homedir(sam_account, pwd->pw_dir, PDB_SET);
 
-       pdb_set_domain (sam_account, lp_workgroup());
+       pdb_set_domain (sam_account, lp_workgroup(), PDB_DEFAULT);
 
-       pdb_set_uid(sam_account, pwd->pw_uid);
-       pdb_set_gid(sam_account, pwd->pw_gid);
+       pdb_set_uid(sam_account, pwd->pw_uid, PDB_SET);
+       pdb_set_gid(sam_account, pwd->pw_gid, PDB_SET);
        
        /* When we get a proper uid -> SID and SID -> uid allocation
           mechinism, we should call it here.  
@@ -200,29 +199,29 @@ NTSTATUS pdb_fill_sam_pw(SAM_ACCOUNT *sam_account, const struct passwd *pwd)
 
        /* Ensure this *must* be set right */
        if (strcmp(pwd->pw_name, guest_account) == 0) {
-               if (!pdb_set_user_sid_from_rid(sam_account, DOMAIN_USER_RID_GUEST)) {
+               if (!pdb_set_user_sid_from_rid(sam_account, DOMAIN_USER_RID_GUEST, PDB_DEFAULT)) {
                        return NT_STATUS_UNSUCCESSFUL;
                }
-               if (!pdb_set_group_sid_from_rid(sam_account, DOMAIN_GROUP_RID_GUESTS)) {
+               if (!pdb_set_group_sid_from_rid(sam_account, DOMAIN_GROUP_RID_GUESTS, PDB_DEFAULT)) {
                        return NT_STATUS_UNSUCCESSFUL;
                }
        } else {
 
                if (!pdb_set_user_sid_from_rid(sam_account, 
-                                              fallback_pdb_uid_to_user_rid(pwd->pw_uid))) {
+                                              fallback_pdb_uid_to_user_rid(pwd->pw_uid), PDB_SET)) {
                        DEBUG(0,("Can't set User SID from RID!\n"));
                        return NT_STATUS_INVALID_PARAMETER;
                }
                
                /* call the mapping code here */
                if(get_group_map_from_gid(pwd->pw_gid, &map, MAPPING_WITHOUT_PRIV)) {
-                       if (!pdb_set_group_sid(sam_account,&map.sid)){
+                       if (!pdb_set_group_sid(sam_account,&map.sid, PDB_SET)){
                                DEBUG(0,("Can't set Group SID!\n"));
                                return NT_STATUS_INVALID_PARAMETER;
                        }
                } 
                else {
-                       if (!pdb_set_group_sid_from_rid(sam_account,pdb_gid_to_group_rid(pwd->pw_gid))) {
+                       if (!pdb_set_group_sid_from_rid(sam_account,pdb_gid_to_group_rid(pwd->pw_gid), PDB_SET)) {
                                DEBUG(0,("Can't set Group SID\n"));
                                return NT_STATUS_INVALID_PARAMETER;
                        }
@@ -237,34 +236,34 @@ NTSTATUS pdb_fill_sam_pw(SAM_ACCOUNT *sam_account, const struct passwd *pwd)
                                                            lp_logon_path(), 
                                                            pwd->pw_name, global_myname, 
                                                            pwd->pw_uid, pwd->pw_gid), 
-                                    False);
+                                    PDB_DEFAULT);
                
                pdb_set_homedir(sam_account, 
                                talloc_sub_specified((sam_account)->mem_ctx, 
                                                       lp_logon_home(),
                                                       pwd->pw_name, global_myname, 
                                                       pwd->pw_uid, pwd->pw_gid),
-                               False);
+                               PDB_DEFAULT);
                
                pdb_set_dir_drive(sam_account, 
                                  talloc_sub_specified((sam_account)->mem_ctx, 
                                                         lp_logon_drive(),
                                                         pwd->pw_name, global_myname, 
                                                         pwd->pw_uid, pwd->pw_gid),
-                                 False);
+                                 PDB_DEFAULT);
                
                pdb_set_logon_script(sam_account, 
                                     talloc_sub_specified((sam_account)->mem_ctx, 
                                                            lp_logon_script(),
                                                            pwd->pw_name, global_myname, 
                                                            pwd->pw_uid, pwd->pw_gid), 
-                                    False);
-               if (!pdb_set_acct_ctrl(sam_account, ACB_NORMAL)) {
+                                    PDB_DEFAULT);
+               if (!pdb_set_acct_ctrl(sam_account, ACB_NORMAL, PDB_DEFAULT)) {
                        DEBUG(1, ("Failed to set 'normal account' flags for user %s.\n", pwd->pw_name));
                        return NT_STATUS_UNSUCCESSFUL;
                }
        } else {
-               if (!pdb_set_acct_ctrl(sam_account, ACB_WSTRUST)) {
+               if (!pdb_set_acct_ctrl(sam_account, ACB_WSTRUST, PDB_DEFAULT)) {
                        DEBUG(1, ("Failed to set 'trusted workstation account' flags for user %s.\n", pwd->pw_name));
                        return NT_STATUS_UNSUCCESSFUL;
                }
@@ -842,7 +841,7 @@ BOOL local_sid_to_uid(uid_t *puid, const DOM_SID *psid, enum SID_NAME_USE *name_
        
        if (pdb_getsampwsid(sam_user, psid)) {
                
-               if (!(pdb_get_init_flag(sam_user) & FLAG_SAM_UID)) { 
+               if (!IS_SAM_SET(sam_user,PDB_UID)&&!IS_SAM_CHANGED(sam_user,PDB_UID)) {
                        pdb_free_sam(&sam_user);
                        return False;
                }
@@ -1037,7 +1036,7 @@ BOOL local_password_change(const char *user_name, int local_flags,
                                return False;
                        }
 
-                       if (!pdb_set_username(sam_pass, user_name)) {
+                       if (!pdb_set_username(sam_pass, user_name, PDB_CHANGED)) {
                                slprintf(err_str, err_str_len - 1, "Failed to set username for user %s.\n", user_name);
                                pdb_free_sam(&sam_pass);
                                return False;
@@ -1051,19 +1050,19 @@ BOOL local_password_change(const char *user_name, int local_flags,
        /* the 'other' acb bits not being changed here */
        other_acb =  (pdb_get_acct_ctrl(sam_pass) & (!(ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST|ACB_NORMAL)));
        if (local_flags & LOCAL_TRUST_ACCOUNT) {
-               if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST | other_acb) ) {
+               if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST | other_acb, PDB_CHANGED) ) {
                        slprintf(err_str, err_str_len - 1, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name);
                        pdb_free_sam(&sam_pass);
                        return False;
                }
        } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) {
-               if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST | other_acb)) {
+               if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST | other_acb, PDB_CHANGED)) {
                        slprintf(err_str, err_str_len - 1, "Failed to set 'domain trust account' flags for user %s.\n", user_name);
                        pdb_free_sam(&sam_pass);
                        return False;
                }
        } else {
-               if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL | other_acb)) {
+               if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL | other_acb, PDB_CHANGED)) {
                        slprintf(err_str, err_str_len - 1, "Failed to set 'normal account' flags for user %s.\n", user_name);
                        pdb_free_sam(&sam_pass);
                        return False;
@@ -1076,13 +1075,13 @@ BOOL local_password_change(const char *user_name, int local_flags,
         */
 
        if (local_flags & LOCAL_DISABLE_USER) {
-               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED)) {
+               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED, PDB_CHANGED)) {
                        slprintf(err_str, err_str_len-1, "Failed to set 'disabled' flag for user %s.\n", user_name);
                        pdb_free_sam(&sam_pass);
                        return False;
                }
        } else if (local_flags & LOCAL_ENABLE_USER) {
-               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED))) {
+               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED), PDB_CHANGED)) {
                        slprintf(err_str, err_str_len-1, "Failed to unset 'disabled' flag for user %s.\n", user_name);
                        pdb_free_sam(&sam_pass);
                        return False;
@@ -1090,7 +1089,7 @@ BOOL local_password_change(const char *user_name, int local_flags,
        }
        
        if (local_flags & LOCAL_SET_NO_PASSWORD) {
-               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ)) {
+               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ, PDB_CHANGED)) {
                        slprintf(err_str, err_str_len-1, "Failed to set 'no password required' flag for user %s.\n", user_name);
                        pdb_free_sam(&sam_pass);
                        return False;
@@ -1106,13 +1105,13 @@ BOOL local_password_change(const char *user_name, int local_flags,
                 * don't create them disabled). JRA.
                 */
                if ((pdb_get_lanman_passwd(sam_pass)==NULL) && (pdb_get_acct_ctrl(sam_pass)&ACB_DISABLED)) {
-                       if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED))) {
+                       if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED), PDB_CHANGED)) {
                                slprintf(err_str, err_str_len-1, "Failed to unset 'disabled' flag for user %s.\n", user_name);
                                pdb_free_sam(&sam_pass);
                                return False;
                        }
                }
-               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_PWNOTREQ))) {
+               if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_PWNOTREQ), PDB_CHANGED)) {
                        slprintf(err_str, err_str_len-1, "Failed to unset 'no password required' flag for user %s.\n", user_name);
                        pdb_free_sam(&sam_pass);
                        return False;
diff --git a/source3/passdb/pdb_compat.c b/source3/passdb/pdb_compat.c
index 713c92e3ac0a929063e3cae55914ef747c31c1c0..abd572a7c1452c8cf308db35fc0634c2563fdf63 100644 (file)
--- a/source3/passdb/pdb_compat.c
+++ b/source3/passdb/pdb_compat.c
@@ -48,7 +48,7 @@ uint32 pdb_get_group_rid (const SAM_ACCOUNT *sampass)
        return (0);
 }
 
-BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid)
+BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid, enum pdb_value_state flag)
 {
        DOM_SID u_sid;
        const DOM_SID *global_sam_sid;
@@ -66,7 +66,7 @@ BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid)
        if (!sid_append_rid(&u_sid, rid))
                return False;
 
-       if (!pdb_set_user_sid(sampass, &u_sid))
+       if (!pdb_set_user_sid(sampass, &u_sid, flag))
                return False;
 
        DEBUG(10, ("pdb_set_user_sid_from_rid:\n\tsetting user sid %s from rid %d\n", 
@@ -75,7 +75,7 @@ BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid)
        return True;
 }
 
-BOOL pdb_set_group_sid_from_rid (SAM_ACCOUNT *sampass, uint32 grid)
+BOOL pdb_set_group_sid_from_rid (SAM_ACCOUNT *sampass, uint32 grid, enum pdb_value_state flag)
 {
        DOM_SID g_sid;
        const DOM_SID *global_sam_sid;
@@ -93,7 +93,7 @@ BOOL pdb_set_group_sid_from_rid (SAM_ACCOUNT *sampass, uint32 grid)
        if (!sid_append_rid(&g_sid, grid))
                return False;
 
-       if (!pdb_set_group_sid(sampass, &g_sid))
+       if (!pdb_set_group_sid(sampass, &g_sid, flag))
                return False;
 
        DEBUG(10, ("pdb_set_group_sid_from_rid:\n\tsetting group sid %s from rid %d\n", 
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 07474693ddf2bbefbbb95d736452ea5b2d0df2b1..5dfa8667feca8914756324759a84fcee7cf18b55 100644 (file)
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -37,7 +37,7 @@
 #define PDB_NOT_QUITE_NULL ""
 
 /*********************************************************************
- Collection of get...() functions for SAM_ACCOUNT_INFO.
+ Collection of get...() functions for SAM_ACCOUNT.
  ********************************************************************/
 
 uint16 pdb_get_acct_ctrl (const SAM_ACCOUNT *sampass)
@@ -178,12 +178,28 @@ const DOM_SID *pdb_get_group_sid(const SAM_ACCOUNT *sampass)
  * @return the flags indicating the members initialised in the struct.
  **/
  
-uint32 pdb_get_init_flag (const SAM_ACCOUNT *sampass)
+enum pdb_value_state pdb_get_init_flags (const SAM_ACCOUNT *sampass, enum pdb_elements element)
 {
-        if (sampass)
-               return sampass->private.init_flag;
-       else 
-                return FLAG_SAM_UNINIT;
+       enum pdb_value_state ret = PDB_DEFAULT;
+       
+        if (!sampass || !sampass->private.change_flags || !sampass->private.set_flags)
+               return ret;
+               
+        if (bitmap_query(sampass->private.set_flags, element)) {
+               DEBUG(10, ("element %d: SET\n", element)); 
+               ret = PDB_SET;
+       }
+               
+        if (bitmap_query(sampass->private.change_flags, element)) {
+               DEBUG(10, ("element %d: CHANGED\n", element)); 
+               ret = PDB_CHANGED;
+       }
+
+       if (ret == PDB_DEFAULT) {
+               DEBUG(10, ("element %d: DEFAULT\n", element)); 
+       }
+
+        return ret;
 }
 
 uid_t pdb_get_uid (const SAM_ACCOUNT *sampass)
@@ -306,7 +322,7 @@ const char* pdb_get_munged_dial (const SAM_ACCOUNT *sampass)
                return (NULL);
 }
 
-uint32 pdb_get_unknown3 (const SAM_ACCOUNT *sampass)
+uint32 pdb_get_unknown_3 (const SAM_ACCOUNT *sampass)
 {
        if (sampass)
                return (sampass->private.unknown_3);
@@ -314,7 +330,7 @@ uint32 pdb_get_unknown3 (const SAM_ACCOUNT *sampass)
                return (-1);
 }
 
-uint32 pdb_get_unknown5 (const SAM_ACCOUNT *sampass)
+uint32 pdb_get_unknown_5 (const SAM_ACCOUNT *sampass)
 {
        if (sampass)
                return (sampass->private.unknown_5);
@@ -322,7 +338,7 @@ uint32 pdb_get_unknown5 (const SAM_ACCOUNT *sampass)
                return (-1);
 }
 
-uint32 pdb_get_unknown6 (const SAM_ACCOUNT *sampass)
+uint32 pdb_get_unknown_6 (const SAM_ACCOUNT *sampass)
 {
        if (sampass)
                return (sampass->private.unknown_6);
@@ -331,113 +347,97 @@ uint32 pdb_get_unknown6 (const SAM_ACCOUNT *sampass)
 }
 
 /*********************************************************************
- Collection of set...() functions for SAM_ACCOUNT_INFO.
+ Collection of set...() functions for SAM_ACCOUNT.
  ********************************************************************/
 
-BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 flags)
+BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 acct_ctrl, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
                
-       if (sampass) {
-               sampass->private.acct_ctrl = flags;
-               return True;
-       }
-       
-       return False;
+       sampass->private.acct_ctrl = acct_ctrl;
+
+       return pdb_set_init_flags(sampass, PDB_ACCTCTRL, flag);
 }
 
-BOOL pdb_set_logon_time (SAM_ACCOUNT *sampass, time_t mytime, BOOL store)
+BOOL pdb_set_logon_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.logon_time = mytime;
 
-       if (store)
-               pdb_set_init_flag(sampass, FLAG_SAM_LOGONTIME); 
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_LOGONTIME, flag);
 }
 
-BOOL pdb_set_logoff_time (SAM_ACCOUNT *sampass, time_t mytime, BOOL store)
+BOOL pdb_set_logoff_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.logoff_time = mytime;
 
-       if (store)
-               pdb_set_init_flag(sampass, FLAG_SAM_LOGOFFTIME); 
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_LOGOFFTIME, flag);
 }
 
-BOOL pdb_set_kickoff_time (SAM_ACCOUNT *sampass, time_t mytime, BOOL store)
+BOOL pdb_set_kickoff_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.kickoff_time = mytime;
 
-       if (store)
-               pdb_set_init_flag(sampass, FLAG_SAM_KICKOFFTIME); 
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_KICKOFFTIME, flag);
 }
 
-BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t mytime, BOOL store)
+BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.pass_can_change_time = mytime;
 
-       if (store)
-               pdb_set_init_flag(sampass, FLAG_SAM_CANCHANGETIME); 
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag);
 }
 
-BOOL pdb_set_pass_must_change_time (SAM_ACCOUNT *sampass, time_t mytime, BOOL store)
+BOOL pdb_set_pass_must_change_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.pass_must_change_time = mytime;
 
-       if (store)
-               pdb_set_init_flag(sampass, FLAG_SAM_MUSTCHANGETIME); 
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag);
 }
 
-BOOL pdb_set_pass_last_set_time (SAM_ACCOUNT *sampass, time_t mytime)
+BOOL pdb_set_pass_last_set_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.pass_last_set_time = mytime;
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_PASSLASTSET, flag);
 }
 
-BOOL pdb_set_hours_len (SAM_ACCOUNT *sampass, uint32 len)
+BOOL pdb_set_hours_len (SAM_ACCOUNT *sampass, uint32 len, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.hours_len = len;
-       return True;
+
+       return pdb_set_init_flags(sampass, PDB_HOURSLEN, flag);
 }
 
-BOOL pdb_set_logon_divs (SAM_ACCOUNT *sampass, uint16 hours)
+BOOL pdb_set_logon_divs (SAM_ACCOUNT *sampass, uint16 hours, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.logon_divs = hours;
-       return True;
+
+       return pdb_set_init_flags(sampass, PDB_LOGONDIVS, flag);
 }
 
 /**
@@ -447,18 +447,70 @@ BOOL pdb_set_logon_divs (SAM_ACCOUNT *sampass, uint16 hours)
  *             this flag is only added.  
  **/
  
-BOOL pdb_set_init_flag (SAM_ACCOUNT *sampass, uint32 flag)
+BOOL pdb_set_init_flags (SAM_ACCOUNT *sampass, enum pdb_elements element, enum pdb_value_state value_flag)
 {
-        if (!sampass)
+        if (!sampass || !sampass->mem_ctx)
                 return False;
 
-        sampass->private.init_flag |= flag;
+        if (!sampass->private.set_flags) {
+               if ((sampass->private.set_flags = 
+                       bitmap_talloc(sampass->mem_ctx, 
+                                       PDB_COUNT))==NULL) {
+                       DEBUG(0,("bitmap_talloc failed\n"));
+                       return False;
+               }
+        }
+        if (!sampass->private.change_flags) {
+               if ((sampass->private.change_flags = 
+                       bitmap_talloc(sampass->mem_ctx, 
+                                       PDB_COUNT))==NULL) {
+                       DEBUG(0,("bitmap_talloc failed\n"));
+                       return False;
+               }
+        }
+        
+        switch(value_flag) {
+               case PDB_CHANGED:
+                       if (!bitmap_set(sampass->private.change_flags, element)) {
+                               DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
+                               return False;
+                       }
+                       if (!bitmap_set(sampass->private.set_flags, element)) {
+                               DEBUG(0,("Can't set flag: %d in set_falgs.\n",element));
+                               return False;
+                       }
+                       DEBUG(10, ("element %d -> now CHANGED\n", element)); 
+                       break;
+               case PDB_SET:
+                       if (!bitmap_clear(sampass->private.change_flags, element)) {
+                               DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
+                               return False;
+                       }
+                       if (!bitmap_set(sampass->private.set_flags, element)) {
+                               DEBUG(0,("Can't set flag: %d in set_falgs.\n",element));
+                               return False;
+                       }
+                       DEBUG(10, ("element %d -> now SET\n", element)); 
+                       break;
+               case PDB_DEFAULT:
+               default:
+                       if (!bitmap_clear(sampass->private.change_flags, element)) {
+                               DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
+                               return False;
+                       }
+                       if (!bitmap_clear(sampass->private.set_flags, element)) {
+                               DEBUG(0,("Can't set flag: %d in set_falgs.\n",element));
+                               return False;
+                       }
+                       DEBUG(10, ("element %d -> now DEFAULT\n", element)); 
+                       break;
+       }
 
         return True;
 }
 
-BOOL pdb_set_uid (SAM_ACCOUNT *sampass, const uid_t uid)
-{
+BOOL pdb_set_uid (SAM_ACCOUNT *sampass, const uid_t uid, enum pdb_value_state flag)
+{      
        if (!sampass)
                return False;
        
@@ -466,13 +518,11 @@ BOOL pdb_set_uid (SAM_ACCOUNT *sampass, const uid_t uid)
                   (int)uid, (int)sampass->private.uid));
  
        sampass->private.uid = uid;
-       pdb_set_init_flag(sampass, FLAG_SAM_UID); 
-
-       return True;
-
+       
+       return pdb_set_init_flags(sampass, PDB_UID, flag);
 }
 
-BOOL pdb_set_gid (SAM_ACCOUNT *sampass, const gid_t gid)
+BOOL pdb_set_gid (SAM_ACCOUNT *sampass, const gid_t gid, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -481,13 +531,11 @@ BOOL pdb_set_gid (SAM_ACCOUNT *sampass, const gid_t gid)
                   (int)gid, (int)sampass->private.gid));
  
        sampass->private.gid = gid; 
-       pdb_set_init_flag(sampass, FLAG_SAM_GID); 
-
-       return True;
 
+       return pdb_set_init_flags(sampass, PDB_GID, flag);
 }
 
-BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid)
+BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid, enum pdb_value_state flag)
 {
        if (!sampass || !u_sid)
                return False;
@@ -496,13 +544,14 @@ BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid)
 
        DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n", 
                    sid_string_static(&sampass->private.user_sid)));
-       
-       return True;
+
+       return pdb_set_init_flags(sampass, PDB_USERSID, flag);
 }
 
-BOOL pdb_set_user_sid_from_string (SAM_ACCOUNT *sampass, fstring u_sid)
+BOOL pdb_set_user_sid_from_string (SAM_ACCOUNT *sampass, fstring u_sid, enum pdb_value_state flag)
 {
        DOM_SID new_sid;
+       
        if (!sampass || !u_sid)
                return False;
 
@@ -514,7 +563,7 @@ BOOL pdb_set_user_sid_from_string (SAM_ACCOUNT *sampass, fstring u_sid)
                return False;
        }
         
-       if (!pdb_set_user_sid(sampass, &new_sid)) {
+       if (!pdb_set_user_sid(sampass, &new_sid, flag)) {
                DEBUG(1, ("pdb_set_user_sid_from_string: could not set sid %s on SAM_ACCOUNT!\n", u_sid));
                return False;
        }
@@ -522,7 +571,7 @@ BOOL pdb_set_user_sid_from_string (SAM_ACCOUNT *sampass, fstring u_sid)
        return True;
 }
 
-BOOL pdb_set_group_sid (SAM_ACCOUNT *sampass, DOM_SID *g_sid)
+BOOL pdb_set_group_sid (SAM_ACCOUNT *sampass, DOM_SID *g_sid, enum pdb_value_state flag)
 {
        if (!sampass || !g_sid)
                return False;
@@ -532,10 +581,10 @@ BOOL pdb_set_group_sid (SAM_ACCOUNT *sampass, DOM_SID *g_sid)
        DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n", 
                    sid_string_static(&sampass->private.group_sid)));
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_GROUPSID, flag);
 }
 
-BOOL pdb_set_group_sid_from_string (SAM_ACCOUNT *sampass, fstring g_sid)
+BOOL pdb_set_group_sid_from_string (SAM_ACCOUNT *sampass, fstring g_sid, enum pdb_value_state flag)
 {
        DOM_SID new_sid;
        if (!sampass || !g_sid)
@@ -549,7 +598,7 @@ BOOL pdb_set_group_sid_from_string (SAM_ACCOUNT *sampass, fstring g_sid)
                return False;
        }
         
-       if (!pdb_set_group_sid(sampass, &new_sid)) {
+       if (!pdb_set_group_sid(sampass, &new_sid, flag)) {
                DEBUG(1, ("pdb_set_group_sid_from_string: could not set sid %s on SAM_ACCOUNT!\n", g_sid));
                return False;
        }
@@ -560,8 +609,8 @@ BOOL pdb_set_group_sid_from_string (SAM_ACCOUNT *sampass, fstring g_sid)
  Set the user's UNIX name.
  ********************************************************************/
 
-BOOL pdb_set_username(SAM_ACCOUNT *sampass, const char *username)
-{      
+BOOL pdb_set_username(SAM_ACCOUNT *sampass, const char *username, enum pdb_value_state flag)
+{
        if (!sampass)
                return False;
  
@@ -579,16 +628,16 @@ BOOL pdb_set_username(SAM_ACCOUNT *sampass, const char *username)
        } else {
                sampass->private.username = PDB_NOT_QUITE_NULL;
        }
-
-       return True;
+       
+       return pdb_set_init_flags(sampass, PDB_USERNAME, flag);
 }
 
 /*********************************************************************
  Set the domain name.
  ********************************************************************/
 
-BOOL pdb_set_domain(SAM_ACCOUNT *sampass, const char *domain)
-{      
+BOOL pdb_set_domain(SAM_ACCOUNT *sampass, const char *domain, enum pdb_value_state flag)
+{
        if (!sampass)
                return False;
 
@@ -607,14 +656,14 @@ BOOL pdb_set_domain(SAM_ACCOUNT *sampass, const char *domain)
                sampass->private.domain = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_DOMAIN, flag);
 }
 
 /*********************************************************************
  Set the user's NT name.
  ********************************************************************/
 
-BOOL pdb_set_nt_username(SAM_ACCOUNT *sampass, const char *nt_username)
+BOOL pdb_set_nt_username(SAM_ACCOUNT *sampass, const char *nt_username, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -634,14 +683,14 @@ BOOL pdb_set_nt_username(SAM_ACCOUNT *sampass, const char *nt_username)
                sampass->private.nt_username = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_NTUSERNAME, flag);
 }
 
 /*********************************************************************
  Set the user's full name.
  ********************************************************************/
 
-BOOL pdb_set_fullname(SAM_ACCOUNT *sampass, const char *full_name)
+BOOL pdb_set_fullname(SAM_ACCOUNT *sampass, const char *full_name, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -661,14 +710,14 @@ BOOL pdb_set_fullname(SAM_ACCOUNT *sampass, const char *full_name)
                sampass->private.full_name = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_FULLNAME, flag);
 }
 
 /*********************************************************************
  Set the user's logon script.
  ********************************************************************/
 
-BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, const char *logon_script, BOOL store)
+BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, const char *logon_script, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -688,19 +737,14 @@ BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, const char *logon_script, BOOL s
                sampass->private.logon_script = PDB_NOT_QUITE_NULL;
        }
        
-       if (store) {
-               DEBUG(10, ("pdb_set_logon_script: setting logon script sam flag!\n"));
-               pdb_set_init_flag(sampass, FLAG_SAM_LOGONSCRIPT);
-       }
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_LOGONSCRIPT, flag);
 }
 
 /*********************************************************************
  Set the user's profile path.
  ********************************************************************/
 
-BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, const char *profile_path, BOOL store)
+BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, const char *profile_path, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -720,19 +764,14 @@ BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, const char *profile_path, BOOL
                sampass->private.profile_path = PDB_NOT_QUITE_NULL;
        }
 
-       if (store) {
-               DEBUG(10, ("pdb_set_profile_path: setting profile path sam flag!\n"));
-               pdb_set_init_flag(sampass, FLAG_SAM_PROFILE);
-       }
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_PROFILE, flag);
 }
 
 /*********************************************************************
  Set the user's directory drive.
  ********************************************************************/
 
-BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, const char *dir_drive, BOOL store)
+BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, const char *dir_drive, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -752,19 +791,14 @@ BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, const char *dir_drive, BOOL store)
                sampass->private.dir_drive = PDB_NOT_QUITE_NULL;
        }
        
-       if (store) {
-               DEBUG(10, ("pdb_set_dir_drive: setting dir drive sam flag!\n"));
-               pdb_set_init_flag(sampass, FLAG_SAM_DRIVE);
-       }
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_DRIVE, flag);
 }
 
 /*********************************************************************
  Set the user's home directory.
  ********************************************************************/
 
-BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, const char *home_dir, BOOL store)
+BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, const char *home_dir, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -784,19 +818,14 @@ BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, const char *home_dir, BOOL store)
                sampass->private.home_dir = PDB_NOT_QUITE_NULL;
        }
 
-       if (store) {
-               DEBUG(10, ("pdb_set_homedir: setting home dir sam flag!\n"));
-               pdb_set_init_flag(sampass, FLAG_SAM_SMBHOME);
-       }
-
-       return True;
+       return pdb_set_init_flags(sampass, PDB_SMBHOME, flag);
 }
 
 /*********************************************************************
  Set the user's unix home directory.
  ********************************************************************/
 
-BOOL pdb_set_unix_homedir (SAM_ACCOUNT *sampass, const char *unix_home_dir)
+BOOL pdb_set_unix_homedir (SAM_ACCOUNT *sampass, const char *unix_home_dir, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -817,14 +846,14 @@ BOOL pdb_set_unix_homedir (SAM_ACCOUNT *sampass, const char *unix_home_dir)
                sampass->private.unix_home_dir = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_UNIXHOMEDIR, flag);
 }
 
 /*********************************************************************
  Set the user's account description.
  ********************************************************************/
 
-BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, const char *acct_desc)
+BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, const char *acct_desc, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -841,14 +870,14 @@ BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, const char *acct_desc)
                sampass->private.acct_desc = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_ACCTDESC, flag);
 }
 
 /*********************************************************************
  Set the user's workstation allowed list.
  ********************************************************************/
 
-BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, const char *workstations)
+BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, const char *workstations, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -868,14 +897,14 @@ BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, const char *workstations)
                sampass->private.workstations = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_WORKSTATIONS, flag);
 }
 
 /*********************************************************************
  Set the user's 'unknown_str', whatever the heck this actually is...
  ********************************************************************/
 
-BOOL pdb_set_unknown_str (SAM_ACCOUNT *sampass, const char *unknown_str)
+BOOL pdb_set_unknown_str (SAM_ACCOUNT *sampass, const char *unknown_str, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -892,14 +921,14 @@ BOOL pdb_set_unknown_str (SAM_ACCOUNT *sampass, const char *unknown_str)
                sampass->private.unknown_str = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_UNKNOWNSTR, flag);
 }
 
 /*********************************************************************
  Set the user's dial string.
  ********************************************************************/
 
-BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, const char *munged_dial)
+BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, const char *munged_dial, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -916,14 +945,14 @@ BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, const char *munged_dial)
                sampass->private.munged_dial = PDB_NOT_QUITE_NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_MUNGEDDIAL, flag);
 }
 
 /*********************************************************************
  Set the user's NT hash.
  ********************************************************************/
 
-BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, const uint8 *pwd)
+BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[NT_HASH_LEN], enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -932,14 +961,14 @@ BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, const uint8 *pwd)
        
        sampass->private.nt_pw = data_blob(pwd, NT_HASH_LEN);
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_NTPASSWD, flag);
 }
 
 /*********************************************************************
  Set the user's LM hash.
  ********************************************************************/
 
-BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[16])
+BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[LM_HASH_LEN], enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -948,7 +977,7 @@ BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[16])
        
        sampass->private.lm_pw = data_blob(pwd, LM_HASH_LEN);
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_LMPASSWD, flag);
 }
 
 /*********************************************************************
@@ -956,7 +985,7 @@ BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[16])
  below)
  ********************************************************************/
 
-BOOL pdb_set_plaintext_pw_only (SAM_ACCOUNT *sampass, const char *password)
+BOOL pdb_set_plaintext_pw_only (SAM_ACCOUNT *sampass, const char *password, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -976,37 +1005,40 @@ BOOL pdb_set_plaintext_pw_only (SAM_ACCOUNT *sampass, const char *password)
                sampass->private.plaintext_pw = NULL;
        }
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_PLAINTEXT_PW, flag);
 }
 
-BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn)
+BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.unknown_3 = unkn;
-       return True;
+       
+       return pdb_set_init_flags(sampass, PDB_UNKNOWN3, flag);
 }
 
-BOOL pdb_set_unknown_5 (SAM_ACCOUNT *sampass, uint32 unkn)
+BOOL pdb_set_unknown_5 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.unknown_5 = unkn;
-       return True;
+
+       return pdb_set_init_flags(sampass, PDB_UNKNOWN5, flag);
 }
 
-BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn)
+BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
 
        sampass->private.unknown_6 = unkn;
-       return True;
+
+       return pdb_set_init_flags(sampass, PDB_UNKNOWN6, flag);
 }
 
-BOOL pdb_set_hours (SAM_ACCOUNT *sampass, const uint8 *hours)
+BOOL pdb_set_hours (SAM_ACCOUNT *sampass, const uint8 *hours, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;
@@ -1018,7 +1050,7 @@ BOOL pdb_set_hours (SAM_ACCOUNT *sampass, const uint8 *hours)
        
        memcpy (sampass->private.hours, hours, MAX_HOURS_LEN);
 
-       return True;
+       return pdb_set_init_flags(sampass, PDB_HOURS, flag);
 }
 
 
@@ -1036,17 +1068,17 @@ BOOL pdb_set_pass_changed_now (SAM_ACCOUNT *sampass)
        if (!sampass)
                return False;
        
-       if (!pdb_set_pass_last_set_time (sampass, time(NULL)))
+       if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED))
                return False;
 
        if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) 
            || (expire==(uint32)-1)) {
-               if (!pdb_set_pass_must_change_time (sampass, get_time_t_max(), False))
+               if (!pdb_set_pass_must_change_time (sampass, get_time_t_max(), PDB_CHANGED))
                        return False;
        } else {
                if (!pdb_set_pass_must_change_time (sampass, 
                                                    pdb_get_pass_last_set_time(sampass)
-                                                   + expire, True))
+                                                   + expire, PDB_CHANGED))
                        return False;
        }
        
@@ -1068,13 +1100,13 @@ BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext)
        
        nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
 
-       if (!pdb_set_nt_passwd (sampass, new_nt_p16)) 
+       if (!pdb_set_nt_passwd (sampass, new_nt_p16, PDB_CHANGED)) 
                return False;
 
-       if (!pdb_set_lanman_passwd (sampass, new_lanman_p16)) 
+       if (!pdb_set_lanman_passwd (sampass, new_lanman_p16, PDB_CHANGED)) 
                return False;
 
-       if (!pdb_set_plaintext_pw_only (sampass, plaintext)) 
+       if (!pdb_set_plaintext_pw_only (sampass, plaintext, PDB_CHANGED)) 
                return False;
 
        if (!pdb_set_pass_changed_now (sampass))
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 38e2e0504d1c09435fd55fa1a5925c256321199c..3f625d1690df84b30b0a39c01a82af0ee219bdcc 100644 (file)
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -162,10 +162,12 @@ static BOOL ldapsam_open_connection (struct ldapsam_privates *ldap_state, LDAP *
 
        int version;
 
+#ifndef NO_LDAP_SECURITY
        if (geteuid() != 0) {
                DEBUG(0, ("ldap_open_connection: cannot access LDAP when not root..\n"));
                return False;
        }
+#endif
 
 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
        DEBUG(10, ("ldapsam_open_connection: %s\n", ldap_state->uri));
@@ -683,13 +685,13 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
        get_single_attribute(ldap_struct, entry, "rid", temp);
        user_rid = (uint32)atol(temp);
 
-       pdb_set_user_sid_from_rid(sampass, user_rid);
+       pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
 
        if (!get_single_attribute(ldap_struct, entry, "primaryGroupID", temp)) {
                group_rid = 0;
        } else {
                group_rid = (uint32)atol(temp);
-               pdb_set_group_sid_from_rid(sampass, group_rid);
+               pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
        }
 
        if ((ldap_state->permit_non_unix_accounts) 
@@ -710,21 +712,21 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                uid = pw->pw_uid;
                gid = pw->pw_gid;
 
-               pdb_set_unix_homedir(sampass, pw->pw_dir);
+               pdb_set_unix_homedir(sampass, pw->pw_dir, PDB_SET);
 
                passwd_free(&pw);
 
-               pdb_set_uid(sampass, uid);
-               pdb_set_gid(sampass, gid);
+               pdb_set_uid(sampass, uid, PDB_SET);
+               pdb_set_gid(sampass, gid, PDB_SET);
 
                if (group_rid == 0) {
                        GROUP_MAP map;
                        /* call the mapping code here */
                        if(get_group_map_from_gid(gid, &map, MAPPING_WITHOUT_PRIV)) {
-                               pdb_set_group_sid(sampass, &map.sid);
+                               pdb_set_group_sid(sampass, &map.sid, PDB_SET);
                        } 
                        else {
-                               pdb_set_group_sid_from_rid(sampass, pdb_gid_to_group_rid(gid));
+                               pdb_set_group_sid_from_rid(sampass, pdb_gid_to_group_rid(gid), PDB_SET);
                        }
                }
        }
@@ -733,42 +735,42 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                /* leave as default */
        } else {
                pass_last_set_time = (time_t) atol(temp);
-               pdb_set_pass_last_set_time(sampass, pass_last_set_time);
+               pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "logonTime", temp)) {
                /* leave as default */
        } else {
                logon_time = (time_t) atol(temp);
-               pdb_set_logon_time(sampass, logon_time, True);
+               pdb_set_logon_time(sampass, logon_time, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "logoffTime", temp)) {
                /* leave as default */
        } else {
                logoff_time = (time_t) atol(temp);
-               pdb_set_logoff_time(sampass, logoff_time, True);
+               pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "kickoffTime", temp)) {
                /* leave as default */
        } else {
                kickoff_time = (time_t) atol(temp);
-               pdb_set_kickoff_time(sampass, kickoff_time, True);
+               pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "pwdCanChange", temp)) {
                /* leave as default */
        } else {
                pass_can_change_time = (time_t) atol(temp);
-               pdb_set_pass_can_change_time(sampass, pass_can_change_time, True);
+               pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "pwdMustChange", temp)) {
                /* leave as default */
        } else {
                pass_must_change_time = (time_t) atol(temp);
-               pdb_set_pass_must_change_time(sampass, pass_must_change_time, True);
+               pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
        }
 
        /* recommend that 'gecos' and 'displayName' should refer to the same
@@ -781,10 +783,10 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                if (!get_single_attribute(ldap_struct, entry, "displayName", fullname)) {
                        /* leave as default */
                } else {
-                       pdb_set_fullname(sampass, fullname);
+                       pdb_set_fullname(sampass, fullname, PDB_SET);
                }
        } else {
-               pdb_set_fullname(sampass, fullname);
+               pdb_set_fullname(sampass, fullname, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "homeDrive", dir_drive)) {
@@ -792,9 +794,9 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                                                                  lp_logon_drive(),
                                                                  username, domain, 
                                                                  uid, gid),
-                                 False);
+                                 PDB_DEFAULT);
        } else {
-               pdb_set_dir_drive(sampass, dir_drive, True);
+               pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "smbHome", homedir)) {
@@ -802,9 +804,9 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                                                                  lp_logon_home(),
                                                                  username, domain, 
                                                                  uid, gid), 
-                                 False);
+                                 PDB_DEFAULT);
        } else {
-               pdb_set_homedir(sampass, homedir, True);
+               pdb_set_homedir(sampass, homedir, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "scriptPath", logon_script)) {
@@ -812,9 +814,9 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                                                                     lp_logon_script(),
                                                                     username, domain, 
                                                                     uid, gid), 
-                                    False);
+                                    PDB_DEFAULT);
        } else {
-               pdb_set_logon_script(sampass, logon_script, True);
+               pdb_set_logon_script(sampass, logon_script, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "profilePath", profile_path)) {
@@ -822,21 +824,21 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                                                                     lp_logon_path(),
                                                                     username, domain, 
                                                                     uid, gid), 
-                                    False);
+                                    PDB_DEFAULT);
        } else {
-               pdb_set_profile_path(sampass, profile_path, True);
+               pdb_set_profile_path(sampass, profile_path, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "description", acct_desc)) {
                /* leave as default */
        } else {
-               pdb_set_acct_desc(sampass, acct_desc);
+               pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
        }
 
        if (!get_single_attribute(ldap_struct, entry, "userWorkstations", workstations)) {
                /* leave as default */;
        } else {
-               pdb_set_workstations(sampass, workstations);
+               pdb_set_workstations(sampass, workstations, PDB_SET);
        }
 
        /* FIXME: hours stuff should be cleaner */
@@ -850,7 +852,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
        } else {
                pdb_gethexpwd(temp, smblmpwd);
                memset((char *)temp, '\0', strlen(temp)+1);
-               if (!pdb_set_lanman_passwd(sampass, smblmpwd))
+               if (!pdb_set_lanman_passwd(sampass, smblmpwd, PDB_SET))
                        return False;
                ZERO_STRUCT(smblmpwd);
        }
@@ -860,7 +862,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
        } else {
                pdb_gethexpwd(temp, smbntpwd);
                memset((char *)temp, '\0', strlen(temp)+1);
-               if (!pdb_set_nt_passwd(sampass, smbntpwd))
+               if (!pdb_set_nt_passwd(sampass, smbntpwd, PDB_SET))
                        return False;
                ZERO_STRUCT(smbntpwd);
        }
@@ -873,34 +875,43 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
                if (acct_ctrl == 0)
                        acct_ctrl |= ACB_NORMAL;
 
-               pdb_set_acct_ctrl(sampass, acct_ctrl);
+               pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
        }
 
-       pdb_set_hours_len(sampass, hours_len);
-       pdb_set_logon_divs(sampass, logon_divs);
+       pdb_set_hours_len(sampass, hours_len, PDB_SET);
+       pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
 
-       pdb_set_username(sampass, username);
+       pdb_set_username(sampass, username, PDB_SET);
 
-       pdb_set_domain(sampass, domain);
-       pdb_set_nt_username(sampass, nt_username);
+       pdb_set_domain(sampass, domain, PDB_DEFAULT);
+       pdb_set_nt_username(sampass, nt_username, PDB_SET);
 
-       pdb_set_munged_dial(sampass, munged_dial);
+       pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
        
-       /* pdb_set_unknown_3(sampass, unknown3); */
-       /* pdb_set_unknown_5(sampass, unknown5); */
-       /* pdb_set_unknown_6(sampass, unknown6); */
+       /* pdb_set_unknown_3(sampass, unknown3, PDB_SET); */
+       /* pdb_set_unknown_5(sampass, unknown5, PDB_SET); */
+       /* pdb_set_unknown_6(sampass, unknown6, PDB_SET); */
 
-       pdb_set_hours(sampass, hours);
+       pdb_set_hours(sampass, hours, PDB_SET);
 
        return True;
 }
 
+static BOOL need_ldap_mod(BOOL pdb_add, const SAM_ACCOUNT * sampass, enum pdb_elements element) {
+       if (pdb_add) {
+               return (!IS_SAM_DEFAULT(sampass, element));
+       } else {
+               return IS_SAM_CHANGED(sampass, element);
+       }
+}
+
 /**********************************************************************
 Initialize SAM_ACCOUNT from an LDAP query
 (Based on init_buffer_from_sam in pdb_tdb.c)
 *********************************************************************/
 static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state, 
                                LDAPMod *** mods, int ldap_op, 
+                               BOOL pdb_add,
                                const SAM_ACCOUNT * sampass)
 {
        pstring temp;
@@ -917,91 +928,110 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
         * took out adding "objectclass: sambaAccount"
         * do this on a per-mod basis
         */
-
-       make_a_mod(mods, ldap_op, "uid", pdb_get_username(sampass));
-       DEBUG(2, ("Setting entry for user: %s\n", pdb_get_username(sampass)));
-
-       if ( pdb_get_user_rid(sampass) ) {
-               rid = pdb_get_user_rid(sampass);
-       } else if (IS_SAM_SET(sampass, FLAG_SAM_UID)) {
+       if (need_ldap_mod(pdb_add, sampass, PDB_USERNAME)) {
+               make_a_mod(mods, ldap_op, "uid", pdb_get_username(sampass));
+               DEBUG(2, ("Setting entry for user: %s\n", pdb_get_username(sampass)));
+       }
+       
+       if ((rid = pdb_get_user_rid(sampass))!=0 ) {
+               if (need_ldap_mod(pdb_add, sampass, PDB_USERSID)) {             
+                       slprintf(temp, sizeof(temp) - 1, "%i", rid);
+                       make_a_mod(mods, ldap_op, "rid", temp);
+               }
+       } else if (!IS_SAM_DEFAULT(sampass, PDB_UID)) {
                rid = fallback_pdb_uid_to_user_rid(pdb_get_uid(sampass));
+               slprintf(temp, sizeof(temp) - 1, "%i", rid);
+               make_a_mod(mods, ldap_op, "rid", temp);
        } else if (ldap_state->permit_non_unix_accounts) {
                rid = ldapsam_get_next_available_nua_rid(ldap_state);
                if (rid == 0) {
                        DEBUG(0, ("NO user RID specified on account %s, and findining next available NUA RID failed, cannot store!\n", pdb_get_username(sampass)));
                        return False;
                }
+               slprintf(temp, sizeof(temp) - 1, "%i", rid);
+               make_a_mod(mods, ldap_op, "rid", temp);
        } else {
                DEBUG(0, ("NO user RID specified on account %s, cannot store!\n", pdb_get_username(sampass)));
                return False;
        }
 
-       slprintf(temp, sizeof(temp) - 1, "%i", rid);
-       make_a_mod(mods, ldap_op, "rid", temp);
 
-       if ( pdb_get_group_rid(sampass) ) {
-               rid = pdb_get_group_rid(sampass);
-       } else if (IS_SAM_SET(sampass, FLAG_SAM_GID)) {
+
+       if ((rid = pdb_get_group_rid(sampass))!=0 ) {
+               if (need_ldap_mod(pdb_add, sampass, PDB_GROUPSID)) {            
+                       slprintf(temp, sizeof(temp) - 1, "%i", rid);
+                       make_a_mod(mods, ldap_op, "primaryGroupID", temp);
+               }
+       } else if (!IS_SAM_DEFAULT(sampass, PDB_GID)) {
                rid = pdb_gid_to_group_rid(pdb_get_gid(sampass));
+               slprintf(temp, sizeof(temp) - 1, "%i", rid);
+               make_a_mod(mods, ldap_op, "primaryGroupID", temp);
        } else if (ldap_state->permit_non_unix_accounts) {
                rid = DOMAIN_GROUP_RID_USERS;
+               slprintf(temp, sizeof(temp) - 1, "%i", rid);
+               make_a_mod(mods, ldap_op, "primaryGroupID", temp);
        } else {
                DEBUG(0, ("NO group RID specified on account %s, cannot store!\n", pdb_get_username(sampass)));
                return False;
        }
 
-       slprintf(temp, sizeof(temp) - 1, "%i", rid);
-       make_a_mod(mods, ldap_op, "primaryGroupID", temp);
 
        /* displayName, cn, and gecos should all be the same
         *  most easily accomplished by giving them the same OID
         *  gecos isn't set here b/c it should be handled by the 
         *  add-user script
         */
-
-       make_a_mod(mods, ldap_op, "displayName", pdb_get_fullname(sampass));
-       make_a_mod(mods, ldap_op, "cn", pdb_get_fullname(sampass));
-       make_a_mod(mods, ldap_op, "description", pdb_get_acct_desc(sampass));
-       make_a_mod(mods, ldap_op, "userWorkstations", pdb_get_workstations(sampass));
-
+       if (need_ldap_mod(pdb_add, sampass, PDB_FULLNAME)) {
+               make_a_mod(mods, ldap_op, "displayName", pdb_get_fullname(sampass));
+               make_a_mod(mods, ldap_op, "cn", pdb_get_fullname(sampass));
+       }
+       if (need_ldap_mod(pdb_add, sampass, PDB_ACCTDESC)) {    
+               make_a_mod(mods, ldap_op, "description", pdb_get_acct_desc(sampass));
+       }
+       if (need_ldap_mod(pdb_add, sampass, PDB_WORKSTATIONS)) {        
+               make_a_mod(mods, ldap_op, "userWorkstations", pdb_get_workstations(sampass));
+       }
        /*
         * Only updates fields which have been set (not defaults from smb.conf)
         */
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_SMBHOME))
+       if (need_ldap_mod(pdb_add, sampass, PDB_SMBHOME)) {
                make_a_mod(mods, ldap_op, "smbHome", pdb_get_homedir(sampass));
-               
-       if (IS_SAM_SET(sampass, FLAG_SAM_DRIVE))
+       }
+                       
+       if (need_ldap_mod(pdb_add, sampass, PDB_DRIVE)) {
                make_a_mod(mods, ldap_op, "homeDrive", pdb_get_dir_drive(sampass));
+       }
        
-       if (IS_SAM_SET(sampass, FLAG_SAM_LOGONSCRIPT))
+       if (need_ldap_mod(pdb_add, sampass, PDB_LOGONSCRIPT)) {
                make_a_mod(mods, ldap_op, "scriptPath", pdb_get_logon_script(sampass));
-
-       if (IS_SAM_SET(sampass, FLAG_SAM_PROFILE))
+       }
+       
+       if (need_ldap_mod(pdb_add, sampass, PDB_PROFILE))
                make_a_mod(mods, ldap_op, "profilePath", pdb_get_profile_path(sampass));
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_LOGONTIME)) {
+       if (need_ldap_mod(pdb_add, sampass, PDB_LOGONTIME)) {
                slprintf(temp, sizeof(temp) - 1, "%li", pdb_get_logon_time(sampass));
                make_a_mod(mods, ldap_op, "logonTime", temp);
        }
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_LOGOFFTIME)) {
+       if (need_ldap_mod(pdb_add, sampass, PDB_LOGOFFTIME)) {
                slprintf(temp, sizeof(temp) - 1, "%li", pdb_get_logoff_time(sampass));
                make_a_mod(mods, ldap_op, "logoffTime", temp);
        }
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_KICKOFFTIME)) {
+       if (need_ldap_mod(pdb_add, sampass, PDB_KICKOFFTIME)) {
                slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_kickoff_time(sampass));
                make_a_mod(mods, ldap_op, "kickoffTime", temp);
        }
 
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_CANCHANGETIME)) {
+       if (need_ldap_mod(pdb_add, sampass, PDB_CANCHANGETIME)) {
                slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_pass_can_change_time(sampass));
                make_a_mod(mods, ldap_op, "pwdCanChange", temp);
        }
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_MUSTCHANGETIME)) {
+       if (need_ldap_mod(pdb_add, sampass, PDB_MUSTCHANGETIME)) {
                slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_pass_must_change_time(sampass));
                make_a_mod(mods, ldap_op, "pwdMustChange", temp);
        }
@@ -1009,22 +1039,28 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
        if ((pdb_get_acct_ctrl(sampass)&(ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST))||
                (lp_ldap_passwd_sync()!=LDAP_PASSWD_SYNC_ONLY)) {
 
-               pdb_sethexpwd (temp, pdb_get_lanman_passwd(sampass), pdb_get_acct_ctrl(sampass));
-               make_a_mod (mods, ldap_op, "lmPassword", temp);
-       
-               pdb_sethexpwd (temp, pdb_get_nt_passwd(sampass), pdb_get_acct_ctrl(sampass));
-               make_a_mod (mods, ldap_op, "ntPassword", temp);
-       
-               slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_pass_last_set_time(sampass));
-               make_a_mod(mods, ldap_op, "pwdLastSet", temp);
-
+               if (need_ldap_mod(pdb_add, sampass, PDB_LMPASSWD)) {
+                       pdb_sethexpwd (temp, pdb_get_lanman_passwd(sampass), pdb_get_acct_ctrl(sampass));
+                       make_a_mod (mods, ldap_op, "lmPassword", temp);
+               }
+               
+               if (need_ldap_mod(pdb_add, sampass, PDB_NTPASSWD)) {
+                       pdb_sethexpwd (temp, pdb_get_nt_passwd(sampass), pdb_get_acct_ctrl(sampass));
+                       make_a_mod (mods, ldap_op, "ntPassword", temp);
+               }
+               
+               if (need_ldap_mod(pdb_add, sampass, PDB_PASSLASTSET)) {
+                       slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_pass_last_set_time(sampass));
+                       make_a_mod(mods, ldap_op, "pwdLastSet", temp);
+               }
        }
 
        /* FIXME: Hours stuff goes in LDAP  */
-
-       make_a_mod (mods, ldap_op, "acctFlags", pdb_encode_acct_ctrl (pdb_get_acct_ctrl(sampass),
-               NEW_PW_FORMAT_SPACE_PADDED_LEN));
-
+       if (need_ldap_mod(pdb_add, sampass, PDB_ACCTCTRL)) {
+               make_a_mod (mods, ldap_op, "acctFlags", pdb_encode_acct_ctrl (pdb_get_acct_ctrl(sampass),
+                       NEW_PW_FORMAT_SPACE_PADDED_LEN));
+       }
+       
        return True;
 }
 
@@ -1371,14 +1407,27 @@ static NTSTATUS ldapsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT
        return ldapsam_getsampwrid(my_methods, user, rid);
 }      
 
-static NTSTATUS ldapsam_modify_entry(LDAP *ldap_struct,SAM_ACCOUNT *newpwd,char *dn,LDAPMod **mods,int ldap_op)
+/********************************************************************
+Do the actual modification - also change a plaittext passord if 
+it it set.
+**********************************************************************/
+
+static NTSTATUS ldapsam_modify_entry(LDAP *ldap_struct,SAM_ACCOUNT *newpwd,char *dn,LDAPMod **mods,int ldap_op, BOOL pdb_add)
 {
        NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
        int rc;
        
-       switch(ldap_op)
-       {
-               case LDAP_MOD_ADD: 
+       if (!ldap_struct || !newpwd || !dn) {
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+       
+       if (!mods) {
+               DEBUG(5,("mods is empty: nothing to modify\n"));
+               /* may be password change below however */
+       } else {
+               switch(ldap_op)
+               {
+                       case LDAP_MOD_ADD: 
                                make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "account");
                                if((rc = ldap_add_s(ldap_struct,dn,mods))!=LDAP_SUCCESS) {
                                        char *ld_error;
@@ -1392,7 +1441,7 @@ static NTSTATUS ldapsam_modify_entry(LDAP *ldap_struct,SAM_ACCOUNT *newpwd,char
                                        return ret;
                                }  
                                break;
-               case LDAP_MOD_REPLACE:  
+                       case LDAP_MOD_REPLACE:  
                                if((rc = ldap_modify_s(ldap_struct,dn,mods))!=LDAP_SUCCESS) {
                                        char *ld_error;
                                        ldap_get_option(ldap_struct, LDAP_OPT_ERROR_STRING,
@@ -1405,14 +1454,16 @@ static NTSTATUS ldapsam_modify_entry(LDAP *ldap_struct,SAM_ACCOUNT *newpwd,char
                                        return ret;
                                }  
                                break;
-               default:        
+                       default:        
                                DEBUG(0,("Wrong LDAP operation type: %d!\n",ldap_op));
                                return ret;
+               }
        }
        
 #ifdef LDAP_EXOP_X_MODIFY_PASSWD
        if (!(pdb_get_acct_ctrl(newpwd)&(ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST))&&
                (lp_ldap_passwd_sync()!=LDAP_PASSWD_SYNC_OFF)&&
+               need_ldap_mod(pdb_add, newpwd, PDB_PLAINTEXT_PW)&&
                (pdb_get_plaintext_passwd(newpwd)!=NULL)) {
                BerElement *ber;
                struct berval *bv;
@@ -1529,6 +1580,18 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A
        LDAPMessage *entry;
        LDAPMod **mods;
 
+       if (!init_ldap_from_sam(ldap_state, &mods, LDAP_MOD_REPLACE, False, newpwd)) {
+               DEBUG(0, ("ldapsam_update_sam_account: init_ldap_from_sam failed!\n"));
+               ldap_msgfree(result);
+               ldap_unbind(ldap_struct);
+               return ret;
+       }
+       
+       if (mods == NULL) {
+               DEBUG(4,("mods is empty: nothing to update for user: %s\n",pdb_get_username(newpwd)));
+               return NT_STATUS_OK;
+       }
+       
        if (!ldapsam_open_connection(ldap_state, &ldap_struct)) /* open a connection to the server */
                return ret;
 
@@ -1547,18 +1610,11 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A
                return ret;
        }
 
-       if (!init_ldap_from_sam(ldap_state, &mods, LDAP_MOD_REPLACE, newpwd)) {
-               DEBUG(0, ("ldapsam_update_sam_account: init_ldap_from_sam failed!\n"));
-               ldap_msgfree(result);
-               ldap_unbind(ldap_struct);
-               return ret;
-       }
-
        entry = ldap_first_entry(ldap_struct, result);
        dn = ldap_get_dn(ldap_struct, entry);
         ldap_msgfree(result);
        
-       if (NT_STATUS_IS_ERR(ldapsam_modify_entry(ldap_struct,newpwd,dn,mods,LDAP_MOD_REPLACE))) {
+       if (NT_STATUS_IS_ERR(ldapsam_modify_entry(ldap_struct,newpwd,dn,mods,LDAP_MOD_REPLACE, False))) {
                DEBUG(0,("failed to modify user with uid = %s\n",
                                        pdb_get_username(newpwd)));
                ldap_mods_free(mods,1);
@@ -1649,17 +1705,23 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO
 
        ldap_msgfree(result);
 
-       if (!init_ldap_from_sam(ldap_state, &mods, ldap_op, newpwd)) {
+       if (!init_ldap_from_sam(ldap_state, &mods, ldap_op, True, newpwd)) {
                DEBUG(0, ("ldapsam_add_sam_account: init_ldap_from_sam failed!\n"));
                ldap_mods_free(mods, 1);
                ldap_unbind(ldap_struct);
                return ret;             
        }
+       
+       if (mods == NULL) {
+               DEBUG(0,("mods is empty: nothing to add for user: %s\n",pdb_get_username(newpwd)));
+               return ret;
+       }       
+       
        make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "sambaAccount");
 
-       if (NT_STATUS_IS_ERR(ldapsam_modify_entry(ldap_struct,newpwd,dn,mods,ldap_op))) {
+       if (NT_STATUS_IS_ERR(ldapsam_modify_entry(ldap_struct,newpwd,dn,mods,ldap_op, True))) {
                DEBUG(0,("failed to modify/add user with uid = %s (dn = %s)\n",
-                                       pdb_get_username(newpwd),dn));
+                        pdb_get_username(newpwd),dn));
                ldap_mods_free(mods,1);
                ldap_unbind(ldap_struct);
                return ret;
diff --git a/source3/passdb/pdb_nisplus.c b/source3/passdb/pdb_nisplus.c
index de520b6b149aefec318fabc66085a14cacb4dede..6334408ef542471f310a3d8a96068ee0fb1ae7e7 100644 (file)
--- a/source3/passdb/pdb_nisplus.c
+++ b/source3/passdb/pdb_nisplus.c
@@ -745,7 +745,7 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
        /* Don't change these timestamp settings without a good reason.  They are
           important for NT member server compatibility. */
 
-       pdb_set_logon_time (pw_buf, (time_t) 0, True);
+       pdb_set_logon_time (pw_buf, (time_t) 0, PDB_DEFAULT);
        ptr = (uchar *) ENTRY_VAL (obj, NPF_LOGON_T);
        if (ptr && *ptr && (StrnCaseCmp (ptr, "LNT-", 4) == 0)) {
                int i;
@@ -758,11 +758,11 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                if (i == 8) {
                        pdb_set_logon_time (pw_buf,
                                            (time_t) strtol (ptr, NULL, 16),
-                                           True);
+                                           PDB_SET);
                }
        }
 
-       pdb_set_logoff_time (pw_buf, get_time_t_max (), True);
+       pdb_set_logoff_time (pw_buf, get_time_t_max (), PDB_DEFAULT);
        ptr = (uchar *) ENTRY_VAL (obj, NPF_LOGOFF_T);
        if (ptr && *ptr && (StrnCaseCmp (ptr, "LOT-", 4) == 0)) {
                int i;
@@ -775,11 +775,11 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                if (i == 8) {
                        pdb_set_logoff_time (pw_buf,
                                             (time_t) strtol (ptr, NULL, 16),
-                                            True);
+                                            PDB_SET);
                }
        }
 
-       pdb_set_kickoff_time (pw_buf, get_time_t_max (), True);
+       pdb_set_kickoff_time (pw_buf, get_time_t_max (), PDB_DEFAULT);
        ptr = (uchar *) ENTRY_VAL (obj, NPF_KICK_T);
        if (ptr && *ptr && (StrnCaseCmp (ptr, "KOT-", 4) == 0)) {
                int i;
@@ -792,11 +792,11 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                if (i == 8) {
                        pdb_set_kickoff_time (pw_buf,
                                              (time_t) strtol (ptr, NULL, 16),
-                                             True);
+                                             PDB_SET);
                }
        }
 
-       pdb_set_pass_last_set_time (pw_buf, (time_t) 0);
+       pdb_set_pass_last_set_time (pw_buf, (time_t) 0, PDB_DEFAULT);
        ptr = (uchar *) ENTRY_VAL (obj, NPF_PWDLSET_T);
        if (ptr && *ptr && (StrnCaseCmp (ptr, "LCT-", 4) == 0)) {
                int i;
@@ -810,11 +810,12 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                        pdb_set_pass_last_set_time (pw_buf,
                                                    (time_t) strtol (ptr,
                                                                     NULL,
-                                                                    16));
+                                                                    16),
+                                                    PDB_SET);
                }
        }
 
-       pdb_set_pass_can_change_time (pw_buf, (time_t) 0, True);
+       pdb_set_pass_can_change_time (pw_buf, (time_t) 0, PDB_DEFAULT);
        ptr = (uchar *) ENTRY_VAL (obj, NPF_PWDCCHG_T);
        if (ptr && *ptr && (StrnCaseCmp (ptr, "CCT-", 4) == 0)) {
                int i;
@@ -829,11 +830,11 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                                                      (time_t) strtol (ptr,
                                                                       NULL,
                                                                       16),
-                                                     True);
+                                                     PDB_SET);
                }
        }
 
-       pdb_set_pass_must_change_time (pw_buf, get_time_t_max (), True);        /* Password never expires. */
+       pdb_set_pass_must_change_time (pw_buf, get_time_t_max (), PDB_DEFAULT); /* Password never expires. */
        ptr = (uchar *) ENTRY_VAL (obj, NPF_PWDMCHG_T);
        if (ptr && *ptr && (StrnCaseCmp (ptr, "MCT-", 4) == 0)) {
                int i;
@@ -848,13 +849,13 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                                                       (time_t) strtol (ptr,
                                                                        NULL,
                                                                        16),
-                                                      True);
+                                                      PDB_SET);
                }
        }
 
        /* string values */
-       pdb_set_username (pw_buf, ENTRY_VAL (obj, NPF_NAME));
-       pdb_set_domain (pw_buf, lp_workgroup ());
+       pdb_set_username (pw_buf, ENTRY_VAL (obj, NPF_NAME), PDB_SET);
+       pdb_set_domain (pw_buf, lp_workgroup (), PDB_DEFAULT);
        /* pdb_set_nt_username() -- cant set it here... */
 
        get_single_attribute (obj, NPF_FULL_NAME, full_name,
@@ -862,27 +863,27 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
 #if 0
        unix_to_dos (full_name, True);
 #endif
-       pdb_set_fullname (pw_buf, full_name);
+       pdb_set_fullname (pw_buf, full_name, PDB_SET);
 
        pdb_set_acct_ctrl (pw_buf, pdb_decode_acct_ctrl (ENTRY_VAL (obj,
-                                                                   NPF_ACB)));
+                                                                   NPF_ACB), PDB_SET));
 
        get_single_attribute (obj, NPF_ACCT_DESC, acct_desc,
                              sizeof (pstring));
 #if 0
        unix_to_dos (acct_desc, True);
 #endif
-       pdb_set_acct_desc (pw_buf, acct_desc);
+       pdb_set_acct_desc (pw_buf, acct_desc, PDB_SET);
 
-       pdb_set_workstations (pw_buf, ENTRY_VAL (obj, NPF_WORKSTATIONS));
-       pdb_set_munged_dial (pw_buf, NULL);
+       pdb_set_workstations (pw_buf, ENTRY_VAL (obj, NPF_WORKSTATIONS), PDB_SET);
+       pdb_set_munged_dial (pw_buf, NULL, PDB_DEFAULT);
 
-       pdb_set_uid (pw_buf, atoi (ENTRY_VAL (obj, NPF_UID)));
-       pdb_set_gid (pw_buf, atoi (ENTRY_VAL (obj, NPF_SMB_GRPID)));
+       pdb_set_uid (pw_buf, atoi (ENTRY_VAL (obj, NPF_UID)), PDB_SET);
+       pdb_set_gid (pw_buf, atoi (ENTRY_VAL (obj, NPF_SMB_GRPID)), PDB_SET);
        pdb_set_user_sid_from_rid (pw_buf,
-                                  atoi (ENTRY_VAL (obj, NPF_USER_RID)));
+                                  atoi (ENTRY_VAL (obj, NPF_USER_RID)), PDB_SET);
        pdb_set_group_sid_from_rid (pw_buf,
-                                   atoi (ENTRY_VAL (obj, NPF_GROUP_RID)));
+                                   atoi (ENTRY_VAL (obj, NPF_GROUP_RID)), PDB_SET);
 
        /* values, must exist for user */
        if (!(pdb_get_acct_ctrl (pw_buf) & ACB_WSTRUST)) {
@@ -891,59 +892,60 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                                      sizeof (pstring));
                if (!(home_dir && *home_dir)) {
                        pstrcpy (home_dir, lp_logon_home ());
-                       pdb_set_homedir (pw_buf, home_dir, False);
+                       pdb_set_homedir (pw_buf, home_dir, PDB_DEFAULT);
                } else
-                       pdb_set_homedir (pw_buf, home_dir, True);
+                       pdb_set_homedir (pw_buf, home_dir, PDB_SET);
 
                get_single_attribute (obj, NPF_DIR_DRIVE, home_drive,
                                      sizeof (pstring));
                if (!(home_drive && *home_drive)) {
                        pstrcpy (home_drive, lp_logon_drive ());
-                       pdb_set_dir_drive (pw_buf, home_drive, False);
+                       pdb_set_dir_drive (pw_buf, home_drive, PDB_DEFAULT);
                } else
-                       pdb_set_dir_drive (pw_buf, home_drive, True);
+                       pdb_set_dir_drive (pw_buf, home_drive, PDB_SET);
 
                get_single_attribute (obj, NPF_LOGON_SCRIPT, logon_script,
                                      sizeof (pstring));
                if (!(logon_script && *logon_script)) {
                        pstrcpy (logon_script, lp_logon_script ());
+                       pdb_set_logon_script (pw_buf, logon_script, PDB_DEFAULT);
                } else
-                       pdb_set_logon_script (pw_buf, logon_script, True);
+                       pdb_set_logon_script (pw_buf, logon_script, PDB_SET);
 
                get_single_attribute (obj, NPF_PROFILE_PATH, profile_path,
                                      sizeof (pstring));
                if (!(profile_path && *profile_path)) {
                        pstrcpy (profile_path, lp_logon_path ());
-                       pdb_set_profile_path (pw_buf, profile_path, False);
+                       pdb_set_profile_path (pw_buf, profile_path, PDB_DEFAULT);
                } else
-                       pdb_set_profile_path (pw_buf, profile_path, True);
+                       pdb_set_profile_path (pw_buf, profile_path, PDB_SET);
 
        } else {
                /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
-               pdb_set_group_sid_from_rid (pw_buf, DOMAIN_GROUP_RID_USERS);
+               pdb_set_group_sid_from_rid (pw_buf, DOMAIN_GROUP_RID_USERS, PDB_DEFAULT);
        }
 
        /* Check the lanman password column. */
        ptr = (char *) ENTRY_VAL (obj, NPF_LMPWD);
-       if (!pdb_set_lanman_passwd (pw_buf, NULL))
+       if (!pdb_set_lanman_passwd (pw_buf, NULL, PDB_DEFAULT))
                return False;
 
        if (!strncasecmp (ptr, "NO PASSWORD", 11)) {
                pdb_set_acct_ctrl (pw_buf,
-                                  pdb_get_acct_ctrl (pw_buf) | ACB_PWNOTREQ);
+                                  pdb_get_acct_ctrl (pw_buf) | ACB_PWNOTREQ, PDB_SET);
        } else {
                if (strlen (ptr) != 32 || !pdb_gethexpwd (ptr, smbpwd)) {
                        DEBUG (0, ("malformed LM pwd entry: %s.\n",
                                   pdb_get_username (pw_buf)));
                        return False;
                }
-               if (!pdb_set_lanman_passwd (pw_buf, smbpwd))
+               if (!pdb_set_lanman_passwd (pw_buf, smbpwd, PDB_SET))
                        return False;
        }
 
        /* Check the NT password column. */
        ptr = ENTRY_VAL (obj, NPF_NTPWD);
-       if (!pdb_set_nt_passwd (pw_buf, NULL))
+       if (!pdb_set_nt_passwd (pw_buf, NULL, PDB_DEFAULT))
                return False;
 
        if (!(pdb_get_acct_ctrl (pw_buf) & ACB_PWNOTREQ) &&
@@ -953,12 +955,12 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
  uid = %d.\n", pdb_get_uid (pw_buf)));
                        return False;
                }
-               if (!pdb_set_nt_passwd (pw_buf, smbntpwd))
+               if (!pdb_set_nt_passwd (pw_buf, smbntpwd, PDB_SET))
                        return False;
        }
 
-       pdb_set_unknown_3 (pw_buf, 0xffffff);   /* don't know */
-       pdb_set_logon_divs (pw_buf, 168);       /* hours per week */
+       pdb_set_unknown_3 (pw_buf, 0xffffff, PDB_DEFAULT);      /* don't know */
+       pdb_set_logon_divs (pw_buf, 168, PDB_DEFAULT);  /* hours per week */
 
        if ((hours_len = ENTRY_LEN (obj, NPF_HOURS)) == 21) {
                memcpy (hours, ENTRY_VAL (obj, NPF_HOURS), hours_len);
@@ -967,11 +969,11 @@ static BOOL make_sam_from_nisp_object (SAM_ACCOUNT * pw_buf,
                /* available at all hours */
                memset (hours, 0xff, hours_len);
        }
-       pdb_set_hours_len (pw_buf, hours_len);
-       pdb_set_hours (pw_buf, hours);
+       pdb_set_hours_len (pw_buf, hours_len, PDB_SET);
+       pdb_set_hours (pw_buf, hours, PDB_SET);
 
-       pdb_set_unknown_5 (pw_buf, 0x00020000); /* don't know */
-       pdb_set_unknown_6 (pw_buf, 0x000004ec); /* don't know */
+       pdb_set_unknown_5 (pw_buf, 0x00020000, PDB_DEFAULT);    /* don't know */
+       pdb_set_unknown_6 (pw_buf, 0x000004ec, PDB_DEFAULT);    /* don't know */
 
        return True;
 }
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index 257b5fa2aa2e00326463f5ca580eb64a3d0742fa..94a562fc36a6b51b72ff2314f7a83a935b78b567 100644 (file)
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1204,16 +1204,16 @@ static BOOL build_sam_account(struct smbpasswd_privates *smbpasswd_state,
            && (pw_buf->smb_userid >= smbpasswd_state->low_nua_userid) 
            && (pw_buf->smb_userid <= smbpasswd_state->high_nua_userid)) {
 
-               pdb_set_user_sid_from_rid(sam_pass, fallback_pdb_uid_to_user_rid (pw_buf->smb_userid));
+               pdb_set_user_sid_from_rid(sam_pass, fallback_pdb_uid_to_user_rid (pw_buf->smb_userid), PDB_SET);
 
                /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. 
                   
                   This was down the bottom for machines, but it looks pretty good as
                   a general default for non-unix users. --abartlet 2002-01-08
                */
-               pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS); 
-               pdb_set_username (sam_pass, pw_buf->smb_name);
-               pdb_set_domain (sam_pass, lp_workgroup());
+               pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS, PDB_SET); 
+               pdb_set_username (sam_pass, pw_buf->smb_name, PDB_SET);
+               pdb_set_domain (sam_pass, lp_workgroup(), PDB_DEFAULT);
        } else {
 
                pwfile = getpwnam_alloc(pw_buf->smb_name);
@@ -1229,18 +1229,18 @@ static BOOL build_sam_account(struct smbpasswd_privates *smbpasswd_state,
                passwd_free(&pwfile);
        }
        
-       pdb_set_nt_passwd (sam_pass, pw_buf->smb_nt_passwd);
-       pdb_set_lanman_passwd (sam_pass, pw_buf->smb_passwd);                   
-       pdb_set_acct_ctrl (sam_pass, pw_buf->acct_ctrl);
-       pdb_set_pass_last_set_time (sam_pass, pw_buf->pass_last_set_time);
-       pdb_set_pass_can_change_time (sam_pass, pw_buf->pass_last_set_time, True);
+       pdb_set_nt_passwd (sam_pass, pw_buf->smb_nt_passwd, PDB_SET);
+       pdb_set_lanman_passwd (sam_pass, pw_buf->smb_passwd, PDB_SET);                  
+       pdb_set_acct_ctrl (sam_pass, pw_buf->acct_ctrl, PDB_SET);
+       pdb_set_pass_last_set_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET);
+       pdb_set_pass_can_change_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET);
        
 #if 0  /* JERRY */
        /* the smbpasswd format doesn't have a must change time field, so
           we can't get this right. The best we can do is to set this to 
           some time in the future. 21 days seems as reasonable as any other value :) 
        */
-       pdb_set_pass_must_change_time (sam_pass, pw_buf->pass_last_set_time + MAX_PASSWORD_AGE);
+       pdb_set_pass_must_change_time (sam_pass, pw_buf->pass_last_set_time + MAX_PASSWORD_AGE, PDB_DEFAULT);
 #endif
        return True;
 }
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 241b3298b0b27429a671d89d5147eb84d7ba770b..fb01539d3f597070ded604b7785209b4c34e2534 100644 (file)
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -163,28 +163,28 @@ static BOOL init_sam_from_buffer (struct tdbsam_privates *tdb_state,
                uid = pw->pw_uid;
                gid = pw->pw_gid;
                
-               pdb_set_unix_homedir(sampass, pw->pw_dir);
+               pdb_set_unix_homedir(sampass, pw->pw_dir, PDB_SET);
 
                passwd_free(&pw);
 
-               pdb_set_uid(sampass, uid);
-               pdb_set_gid(sampass, gid);
+               pdb_set_uid(sampass, uid, PDB_SET);
+               pdb_set_gid(sampass, gid, PDB_SET);
        }
 
-       pdb_set_logon_time(sampass, logon_time, True);
-       pdb_set_logoff_time(sampass, logoff_time, True);
-       pdb_set_kickoff_time(sampass, kickoff_time, True);
-       pdb_set_pass_can_change_time(sampass, pass_can_change_time, True);
-       pdb_set_pass_must_change_time(sampass, pass_must_change_time, True);
-       pdb_set_pass_last_set_time(sampass, pass_last_set_time);
+       pdb_set_logon_time(sampass, logon_time, PDB_SET);
+       pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
+       pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
+       pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
+       pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
+       pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
 
-       pdb_set_username     (sampass, username); 
-       pdb_set_domain       (sampass, domain);
-       pdb_set_nt_username  (sampass, nt_username);
-       pdb_set_fullname     (sampass, fullname);
+       pdb_set_username     (sampass, username, PDB_SET); 
+       pdb_set_domain       (sampass, domain, PDB_SET);
+       pdb_set_nt_username  (sampass, nt_username, PDB_SET);
+       pdb_set_fullname     (sampass, fullname, PDB_SET);
 
        if (homedir) {
-               pdb_set_homedir(sampass, homedir, True);
+               pdb_set_homedir(sampass, homedir, PDB_SET);
        }
        else {
                pdb_set_homedir(sampass, 
@@ -192,69 +192,69 @@ static BOOL init_sam_from_buffer (struct tdbsam_privates *tdb_state,
                                                       lp_logon_home(),
                                                       username, domain, 
                                                       uid, gid),
-                               False);
+                               PDB_DEFAULT);
        }
 
        if (dir_drive)  
-               pdb_set_dir_drive(sampass, dir_drive, True);
+               pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
        else {
                pdb_set_dir_drive(sampass, 
                                  talloc_sub_specified(sampass->mem_ctx, 
                                                         lp_logon_drive(),
                                                         username, domain, 
                                                         uid, gid),
-                                 False);
+                                 PDB_DEFAULT);
        }
 
        if (logon_script) 
-               pdb_set_logon_script(sampass, logon_script, True);
+               pdb_set_logon_script(sampass, logon_script, PDB_SET);
        else {
                pdb_set_logon_script(sampass, 
                                     talloc_sub_specified(sampass->mem_ctx, 
                                                            lp_logon_script(),
                                                            username, domain, 
                                                            uid, gid),
-                                 False);
+                                 PDB_DEFAULT);
        }
        
        if (profile_path) {     
-               pdb_set_profile_path(sampass, profile_path, True);
+               pdb_set_profile_path(sampass, profile_path, PDB_SET);
        } else {
                pdb_set_profile_path(sampass, 
                                     talloc_sub_specified(sampass->mem_ctx, 
                                                            lp_logon_path(),
                                                            username, domain, 
                                                            uid, gid),
-                                    False);
+                                    PDB_DEFAULT);
        }
 
-       pdb_set_acct_desc    (sampass, acct_desc);
-       pdb_set_workstations (sampass, workstations);
-       pdb_set_munged_dial  (sampass, munged_dial);
+       pdb_set_acct_desc    (sampass, acct_desc, PDB_SET);
+       pdb_set_workstations (sampass, workstations, PDB_SET);
+       pdb_set_munged_dial  (sampass, munged_dial, PDB_SET);
 
        if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
-               if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr)) {
+               if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
                        ret = False;
                        goto done;
                }
        }
 
        if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
-               if (!pdb_set_nt_passwd(sampass, nt_pw_ptr)) {
+               if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
                        ret = False;
                        goto done;
                }
        }
 
-       pdb_set_user_sid_from_rid(sampass, user_rid);
-       pdb_set_group_sid_from_rid(sampass, group_rid);
-       pdb_set_unknown_3(sampass, unknown_3);
-       pdb_set_hours_len(sampass, hours_len);
-       pdb_set_unknown_5(sampass, unknown_5);
-       pdb_set_unknown_6(sampass, unknown_6);
-       pdb_set_acct_ctrl(sampass, acct_ctrl);
-       pdb_set_logon_divs(sampass, logon_divs);
-       pdb_set_hours(sampass, hours);
+       pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
+       pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
+       pdb_set_unknown_3(sampass, unknown_3, PDB_SET);
+       pdb_set_hours_len(sampass, hours_len, PDB_SET);
+       pdb_set_unknown_5(sampass, unknown_5, PDB_SET);
+       pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
+       pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
+       pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
+       pdb_set_hours(sampass, hours, PDB_SET);
 
 done:
 
@@ -354,23 +354,23 @@ static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state,
         * Only updates fields which have been set (not defaults from smb.conf)
         */
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_DRIVE)) 
+       if (!IS_SAM_DEFAULT(sampass, PDB_DRIVE)) 
          dir_drive = pdb_get_dir_drive(sampass);
        else dir_drive = NULL;
        if (dir_drive) dir_drive_len = strlen(dir_drive) +1;
        else dir_drive_len = 0;
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_SMBHOME)) homedir = pdb_get_homedir(sampass);
+       if (!IS_SAM_DEFAULT(sampass, PDB_SMBHOME)) homedir = pdb_get_homedir(sampass);
        else homedir = NULL;
        if (homedir) homedir_len = strlen(homedir) +1;
        else homedir_len = 0;
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_LOGONSCRIPT)) logon_script = pdb_get_logon_script(sampass);
+       if (!IS_SAM_DEFAULT(sampass, PDB_LOGONSCRIPT)) logon_script = pdb_get_logon_script(sampass);
        else logon_script = NULL;
        if (logon_script) logon_script_len = strlen(logon_script) +1;
        else logon_script_len = 0;
 
-       if (IS_SAM_SET(sampass, FLAG_SAM_PROFILE)) profile_path = pdb_get_profile_path(sampass);
+       if (!IS_SAM_DEFAULT(sampass, PDB_PROFILE)) profile_path = pdb_get_profile_path(sampass);
        else profile_path = NULL;
        if (profile_path) profile_path_len = strlen(profile_path) +1;
        else profile_path_len = 0;
@@ -421,12 +421,12 @@ static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state,
                lm_pw_len, lm_pw,
                nt_pw_len, nt_pw,
                pdb_get_acct_ctrl(sampass),
-               pdb_get_unknown3(sampass),
+               pdb_get_unknown_3(sampass),
                pdb_get_logon_divs(sampass),
                pdb_get_hours_len(sampass),
                MAX_HOURS_LEN, pdb_get_hours(sampass),
-               pdb_get_unknown5(sampass),
-               pdb_get_unknown6(sampass));
+               pdb_get_unknown_5(sampass),
+               pdb_get_unknown_6(sampass));
 
 
        /* malloc the space needed */
@@ -460,12 +460,12 @@ static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state,
                lm_pw_len, lm_pw,
                nt_pw_len, nt_pw,
                pdb_get_acct_ctrl(sampass),
-               pdb_get_unknown3(sampass),
+               pdb_get_unknown_3(sampass),
                pdb_get_logon_divs(sampass),
                pdb_get_hours_len(sampass),
                MAX_HOURS_LEN, pdb_get_hours(sampass),
-               pdb_get_unknown5(sampass),
-               pdb_get_unknown6(sampass));
+               pdb_get_unknown_5(sampass),
+               pdb_get_unknown_6(sampass));
        
        
        /* check to make sure we got it correct */
@@ -781,7 +781,7 @@ static BOOL tdb_update_sam(struct pdb_methods *my_methods, SAM_ACCOUNT* newpwd,
                                                goto done;
                                        }
                                }
-                               pdb_set_user_sid_from_rid(newpwd, user_rid);
+                               pdb_set_user_sid_from_rid(newpwd, user_rid, PDB_CHANGED);
                        } else {
                                user_rid = tdb_state->low_nua_rid;
                                tdb_ret = tdb_change_uint32_atomic(pwd_tdb, "NUA_RID_COUNTER", &user_rid, RID_MULTIPLIER);
@@ -794,7 +794,7 @@ static BOOL tdb_update_sam(struct pdb_methods *my_methods, SAM_ACCOUNT* newpwd,
                                        ret = False;
                                        goto done;
                                }
-                               pdb_set_user_sid_from_rid(newpwd, user_rid);
+                               pdb_set_user_sid_from_rid(newpwd, user_rid, PDB_CHANGED);
                        }
                } else {
                        DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd)));
@@ -811,7 +811,7 @@ static BOOL tdb_update_sam(struct pdb_methods *my_methods, SAM_ACCOUNT* newpwd,
                                goto done;
                        } else {
                                /* This seems like a good default choice for non-unix users */
-                               pdb_set_group_sid_from_rid(newpwd, DOMAIN_GROUP_RID_USERS);
+                               pdb_set_group_sid_from_rid(newpwd, DOMAIN_GROUP_RID_USERS, PDB_DEFAULT);
                        }
                } else {
                        DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd)));
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index ddf51fcf0be04b5369f80429487b97e5434d9573..6b96b790479485952e18063fa459c78ae418171c 100644 (file)
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -6061,11 +6061,11 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
        usr->user_rid  = user_rid;
        usr->group_rid = group_rid;
        usr->acb_info  = pdb_get_acct_ctrl(pw);
-       usr->unknown_3 = pdb_get_unknown3(pw);
+       usr->unknown_3 = pdb_get_unknown_3(pw);
 
        usr->logon_divs = pdb_get_logon_divs(pw); 
        usr->ptr_logon_hrs = pdb_get_hours(pw) ? 1 : 0;
-       usr->unknown_5 = pdb_get_unknown5(pw); /* 0x0002 0000 */
+       usr->unknown_5 = pdb_get_unknown_5(pw); /* 0x0002 0000 */
 
        if (pdb_get_pass_must_change_time(pw) == 0) {
                usr->passmustchange=PASS_MUST_CHANGE_AT_NEXT_LOGON;
@@ -6088,7 +6088,7 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
        init_unistr2(&usr->uni_unknown_str, NULL, len_unknown_str);
        init_unistr2(&usr->uni_munged_dial, munged_dial, len_munged_dial);
 
-       usr->unknown_6 = pdb_get_unknown6(pw);
+       usr->unknown_6 = pdb_get_unknown_6(pw);
        usr->padding4 = 0;
 
        if (pdb_get_hours(pw)) {
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 4478729e4d96c95b43e6d1654a74e7947d493a32..69d619a2b0473166d8ac93599d9521a2a9280419 100644 (file)
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -433,12 +433,12 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
        cred_hash3( pwd, q_u->pwd, p->dc.sess_key, 0);
 
        /* lies!  nt and lm passwords are _not_ the same: don't care */
-       if (!pdb_set_lanman_passwd (sampass, pwd)) {
+       if (!pdb_set_lanman_passwd (sampass, pwd, PDB_CHANGED)) {
                pdb_free_sam(&sampass);
                return NT_STATUS_NO_MEMORY;
        }
 
-       if (!pdb_set_nt_passwd     (sampass, pwd)) {
+       if (!pdb_set_nt_passwd     (sampass, pwd, PDB_CHANGED)) {
                pdb_free_sam(&sampass);
                return NT_STATUS_NO_MEMORY;
        }
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 6b7318a3255b07b35408a8157ec1a4ff66deb17a..686614e9a43eddd288c7e53649f4fb67f49a6aa1 100644 (file)
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -205,8 +205,8 @@ static void samr_clear_sam_passwd(SAM_ACCOUNT *sam_pass)
 
        /* These now zero out the old password */
 
-       pdb_set_lanman_passwd(sam_pass, NULL);
-       pdb_set_nt_passwd(sam_pass, NULL);
+       pdb_set_lanman_passwd(sam_pass, NULL, PDB_DEFAULT);
+       pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
 }
 
 
@@ -2288,13 +2288,13 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
                        return nt_status;
                }
                
-               if (!pdb_set_username(sam_pass, account)) {
+               if (!pdb_set_username(sam_pass, account, PDB_CHANGED)) {
                        pdb_free_sam(&sam_pass);
                        return NT_STATUS_NO_MEMORY;
                }
        }
 
-       pdb_set_acct_ctrl(sam_pass, acb_info);
+       pdb_set_acct_ctrl(sam_pass, acb_info, PDB_CHANGED);
  
        if (!pdb_add_sam_account(sam_pass)) {
                pdb_free_sam(&sam_pass);
@@ -2675,8 +2675,9 @@ static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, DOM_SID *sid)
                pdb_free_sam(&pwd);
                return False;
        }
-
-       if (!pdb_set_acct_ctrl(pwd, id10->acb_info)) {
+       
+       /* FIX ME: check if the value is really changed --metze */
+       if (!pdb_set_acct_ctrl(pwd, id10->acb_info, PDB_CHANGED)) {
                pdb_free_sam(&pwd);
                return False;
        }
@@ -2712,11 +2713,11 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, DOM_SID *sid)
                return False;
        }
  
-       if (!pdb_set_lanman_passwd (pwd, id12->lm_pwd)) {
+       if (!pdb_set_lanman_passwd (pwd, id12->lm_pwd, PDB_CHANGED)) {
                pdb_free_sam(&pwd);
                return False;
        }
-       if (!pdb_set_nt_passwd     (pwd, id12->nt_pwd)) {
+       if (!pdb_set_nt_passwd     (pwd, id12->nt_pwd, PDB_CHANGED)) {
                pdb_free_sam(&pwd);
                return False;
        }
diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c
index 18297056d68d04627c8f1ce420166c6c9d555966..2a43155c10cf19c2b2967a9bfae34d24d9741902 100644 (file)
--- a/source3/rpc_server/srv_samr_util.c
+++ b/source3/rpc_server/srv_samr_util.c
@@ -47,14 +47,14 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                stored_time = pdb_get_logon_time(to);
                DEBUG(10,("INFO_21 LOGON_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_logon_time(to, unix_time, True);
+                       pdb_set_logon_time(to, unix_time, PDB_CHANGED);
        }       
        if (!nt_time_is_zero(&from->logoff_time)) {
                unix_time=nt_time_to_unix(&from->logoff_time);
                stored_time = pdb_get_logoff_time(to);
                DEBUG(10,("INFO_21 LOGOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_logoff_time(to, unix_time, True);
+                       pdb_set_logoff_time(to, unix_time, PDB_CHANGED);
        }
        
        if (!nt_time_is_zero(&from->kickoff_time)) {
@@ -62,7 +62,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                stored_time = pdb_get_kickoff_time(to);
                DEBUG(10,("INFO_21 KICKOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_kickoff_time(to, unix_time , True);
+                       pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
        }       
 
        if (!nt_time_is_zero(&from->pass_can_change_time)) {
@@ -70,14 +70,14 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                stored_time = pdb_get_pass_can_change_time(to);
                DEBUG(10,("INFO_21 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_pass_can_change_time(to, unix_time, True);
+                       pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED);
        }
        if (!nt_time_is_zero(&from->pass_last_set_time)) {
                unix_time=nt_time_to_unix(&from->pass_last_set_time);
                stored_time = pdb_get_pass_last_set_time(to);
                DEBUG(10,("INFO_21 PASS_LAST_SET: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_pass_last_set_time(to, unix_time);
+                       pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED);
        }
 
        if (!nt_time_is_zero(&from->pass_must_change_time)) {
@@ -85,7 +85,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                stored_time=pdb_get_pass_must_change_time(to);
                DEBUG(10,("INFO_21 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_pass_must_change_time(to, unix_time, True);
+                       pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED);
        }
 
        /* Backend should check this for sainity */
@@ -94,7 +94,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_user_name);
                DEBUG(10,("INFO_21 UNI_USER_NAME: %s -> %s\n", old_string, new_string));
                if (STRING_CHANGED)
-                   pdb_set_username(to      , new_string);
+                   pdb_set_username(to      , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_full_name.buffer) {
@@ -102,7 +102,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_user_name);
                DEBUG(10,("INFO_21 UNI_FULL_NAME: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_fullname(to      , new_string);
+                       pdb_set_fullname(to      , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_home_dir.buffer) {
@@ -110,7 +110,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_home_dir);
                DEBUG(10,("INFO_21 UNI_HOME_DIR: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_homedir(to       , new_string, True);
+                       pdb_set_homedir(to       , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_dir_drive.buffer) {
@@ -118,7 +118,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_dir_drive);
                DEBUG(10,("INFO_21 UNI_DIR_DRIVE: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_dir_drive(to     , new_string, True);
+                       pdb_set_dir_drive(to     , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_logon_script.buffer) {
@@ -126,7 +126,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_logon_script);
                DEBUG(10,("INFO_21 UNI_LOGON_SCRIPT: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_logon_script(to  , new_string, True);
+                       pdb_set_logon_script(to  , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_profile_path.buffer) {
@@ -134,7 +134,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_profile_path);
                DEBUG(10,("INFO_21 UNI_PROFILE_PATH: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_profile_path(to  , new_string, True);
+                       pdb_set_profile_path(to  , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_acct_desc.buffer) {
@@ -142,7 +142,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_acct_desc);
                DEBUG(10,("INFO_21 UNI_ACCT_DESC: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_acct_desc(to     , new_string);
+                       pdb_set_acct_desc(to     , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_workstations.buffer) {
@@ -150,7 +150,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_workstations);
                DEBUG(10,("INFO_21 UNI_WORKSTATIONS: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_workstations(to  , new_string);
+                       pdb_set_workstations(to  , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_unknown_str.buffer) {
@@ -158,7 +158,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_unknown_str);
                DEBUG(10,("INFO_21 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_unknown_str(to   , new_string);
+                       pdb_set_unknown_str(to   , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_munged_dial.buffer) {
@@ -166,40 +166,53 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
                new_string = pdb_unistr2_convert(&from->uni_munged_dial);
                DEBUG(10,("INFO_21 UNI_MUNGED_DIAL: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_munged_dial(to   , new_string);
+                       pdb_set_munged_dial(to   , new_string, PDB_CHANGED);
        }
        
-       if (from->user_rid) {
+       if (from->user_rid != pdb_get_user_rid(to)) {
                DEBUG(10,("INFO_21 USER_RID: %u -> %u NOT UPDATED!\n",pdb_get_user_rid(to),from->user_rid));
                /* we really allow this ??? metze */
-               /* pdb_set_user_sid_from_rid(to, from->user_rid);*/
+               /* pdb_set_user_sid_from_rid(to, from->user_rid, PDB_CHANGED);*/
        }
        
-       if (from->group_rid) {
+       if (from->group_rid != pdb_get_group_rid(to)) {
                DEBUG(10,("INFO_21 GROUP_RID: %u -> %u\n",pdb_get_group_rid(to),from->group_rid));
-               pdb_set_group_sid_from_rid(to, from->group_rid);
+               pdb_set_group_sid_from_rid(to, from->group_rid, PDB_CHANGED);
        }
        
        DEBUG(10,("INFO_21 ACCT_CTRL: %08X -> %08X\n",pdb_get_acct_ctrl(to),from->acb_info));
-       pdb_set_acct_ctrl(to, from->acb_info);
+       if (from->acb_info != pdb_get_acct_ctrl(to)) {
+               pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED);
+       }
 
-       DEBUG(10,("INFO_21 UNKOWN_3: %08X -> %08X\n",pdb_get_unknown3(to),from->unknown_3));
-       pdb_set_unknown_3(to, from->unknown_3);
-       
+       DEBUG(10,("INFO_21 UNKOWN_3: %08X -> %08X\n",pdb_get_unknown_3(to),from->unknown_3));
+       if (from->unknown_3 != pdb_get_unknown_3(to)) {
+               pdb_set_unknown_3(to, from->unknown_3, PDB_CHANGED);
+       }
 
        DEBUG(15,("INFO_21 LOGON_DIVS: %08X -> %08X\n",pdb_get_logon_divs(to),from->logon_divs));
-       pdb_set_logon_divs(to, from->logon_divs);
+       if (from->logon_divs != pdb_get_logon_divs(to)) {
+               pdb_set_logon_divs(to, from->logon_divs, PDB_CHANGED);
+       }
 
        DEBUG(15,("INFO_21 LOGON_HRS.LEN: %08X -> %08X\n",pdb_get_hours_len(to),from->logon_hrs.len));
-       pdb_set_hours_len(to, from->logon_hrs.len);
+       if (from->logon_hrs.len != pdb_get_hours_len(to)) {
+               pdb_set_hours_len(to, from->logon_hrs.len, PDB_CHANGED);
+       }
+
        DEBUG(15,("INFO_21 LOGON_HRS.HOURS: %s -> %s\n",pdb_get_hours(to),from->logon_hrs.hours));
-       pdb_set_hours(to, from->logon_hrs.hours);
+/* Fix me: only update if it changes --metze */
+       pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED);
 
-       DEBUG(10,("INFO_21 UNKOWN_5: %08X -> %08X\n",pdb_get_unknown5(to),from->unknown_5));
-       pdb_set_unknown_5(to, from->unknown_5);
+       DEBUG(10,("INFO_21 UNKOWN_5: %08X -> %08X\n",pdb_get_unknown_5(to),from->unknown_5));
+       if (from->unknown_5 != pdb_get_unknown_5(to)) {
+               pdb_set_unknown_5(to, from->unknown_5, PDB_CHANGED);
+       }
 
-       DEBUG(10,("INFO_21 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown6(to),from->unknown_6));
-       pdb_set_unknown_6(to, from->unknown_6);
+       DEBUG(10,("INFO_21 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6));
+       if (from->unknown_6 != pdb_get_unknown_6(to)) {
+               pdb_set_unknown_6(to, from->unknown_6, PDB_CHANGED);
+       }
 
        DEBUG(10,("INFO_21 PADDING1 %02X %02X %02X %02X %02X %02X\n",
                  from->padding1[0],
@@ -211,7 +224,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
 
        DEBUG(10,("INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange));
        if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) {
-               pdb_set_pass_must_change_time(to,0, True);              
+               pdb_set_pass_must_change_time(to,0, PDB_CHANGED);               
        }
 
        DEBUG(10,("INFO_21 PADDING_2: %02X\n",from->padding2));
@@ -236,14 +249,14 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                stored_time = pdb_get_logon_time(to);
                DEBUG(10,("INFO_23 LOGON_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_logon_time(to, unix_time, True);
+                       pdb_set_logon_time(to, unix_time, PDB_CHANGED);
        }       
        if (!nt_time_is_zero(&from->logoff_time)) {
                unix_time=nt_time_to_unix(&from->logoff_time);
                stored_time = pdb_get_logoff_time(to);
                DEBUG(10,("INFO_23 LOGOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_logoff_time(to, unix_time, True);
+                       pdb_set_logoff_time(to, unix_time, PDB_CHANGED);
        }
        
        if (!nt_time_is_zero(&from->kickoff_time)) {
@@ -251,7 +264,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                stored_time = pdb_get_kickoff_time(to);
                DEBUG(10,("INFO_23 KICKOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_kickoff_time(to, unix_time , True);
+                       pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
        }       
 
        if (!nt_time_is_zero(&from->pass_can_change_time)) {
@@ -259,14 +272,14 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                stored_time = pdb_get_pass_can_change_time(to);
                DEBUG(10,("INFO_23 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_pass_can_change_time(to, unix_time, True);
+                       pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED);
        }
        if (!nt_time_is_zero(&from->pass_last_set_time)) {
                unix_time=nt_time_to_unix(&from->pass_last_set_time);
                stored_time = pdb_get_pass_last_set_time(to);
                DEBUG(10,("INFO_23 PASS_LAST_SET: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_pass_last_set_time(to, unix_time);
+                       pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED);
        }
 
        if (!nt_time_is_zero(&from->pass_must_change_time)) {
@@ -274,7 +287,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                stored_time=pdb_get_pass_must_change_time(to);
                DEBUG(10,("INFO_23 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
                if (stored_time != unix_time) 
-                       pdb_set_pass_must_change_time(to, unix_time, True);
+                       pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED);
        }
 
        /* Backend should check this for sainity */
@@ -283,7 +296,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_user_name);
                DEBUG(10,("INFO_23 UNI_USER_NAME: %s -> %s\n", old_string, new_string));
                if (STRING_CHANGED)
-                   pdb_set_username(to      , new_string);
+                   pdb_set_username(to      , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_full_name.buffer) {
@@ -291,7 +304,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_user_name);
                DEBUG(10,("INFO_23 UNI_FULL_NAME: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_fullname(to      , new_string);
+                       pdb_set_fullname(to      , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_home_dir.buffer) {
@@ -299,7 +312,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_home_dir);
                DEBUG(10,("INFO_23 UNI_HOME_DIR: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_homedir(to       , new_string, True);
+                       pdb_set_homedir(to       , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_dir_drive.buffer) {
@@ -307,7 +320,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_dir_drive);
                DEBUG(10,("INFO_23 UNI_DIR_DRIVE: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_dir_drive(to     , new_string, True);
+                       pdb_set_dir_drive(to     , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_logon_script.buffer) {
@@ -315,7 +328,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_logon_script);
                DEBUG(10,("INFO_23 UNI_LOGON_SCRIPT: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_logon_script(to  , new_string, True);
+                       pdb_set_logon_script(to  , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_profile_path.buffer) {
@@ -323,7 +336,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_profile_path);
                DEBUG(10,("INFO_23 UNI_PROFILE_PATH: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_profile_path(to  , new_string, True);
+                       pdb_set_profile_path(to  , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_acct_desc.buffer) {
@@ -331,7 +344,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_acct_desc);
                DEBUG(10,("INFO_23 UNI_ACCT_DESC: %s -> %s\n",old_string,new_string));
                if (STRING_CHANGED)
-                       pdb_set_acct_desc(to     , new_string);
+                       pdb_set_acct_desc(to     , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_workstations.buffer) {
@@ -339,7 +352,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_workstations);
                DEBUG(10,("INFO_23 UNI_WORKSTATIONS: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_workstations(to  , new_string);
+                       pdb_set_workstations(to  , new_string, PDB_CHANGED);
        }
 
        if (from->hdr_unknown_str.buffer) {
@@ -347,7 +360,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_unknown_str);
                DEBUG(10,("INFO_23 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_unknown_str(to   , new_string);
+                       pdb_set_unknown_str(to   , new_string, PDB_CHANGED);
        }
        
        if (from->hdr_munged_dial.buffer) {
@@ -355,40 +368,53 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
                new_string = pdb_unistr2_convert(&from->uni_munged_dial);
                DEBUG(10,("INFO_23 UNI_MUNGED_DIAL: %s -> %s\n",old_string, new_string));
                if (STRING_CHANGED)
-                       pdb_set_munged_dial(to   , new_string);
+                       pdb_set_munged_dial(to   , new_string, PDB_CHANGED);
        }
        
-       if (from->user_rid) {
+       if (from->user_rid != pdb_get_user_rid(to)) {
                DEBUG(10,("INFO_23 USER_RID: %u -> %u NOT UPDATED!\n",pdb_get_user_rid(to),from->user_rid));
                /* we really allow this ??? metze */
-               /* pdb_set_user_sid_from_rid(to, from->user_rid);*/
+               /* pdb_set_user_sid_from_rid(to, from->user_rid, PDB_CHANGED);*/
        }
        
-       if (from->group_rid) {
+       if (from->group_rid != pdb_get_group_rid(to)) {
                DEBUG(10,("INFO_23 GROUP_RID: %u -> %u\n",pdb_get_group_rid(to),from->group_rid));
-               pdb_set_group_sid_from_rid(to, from->group_rid);
+               pdb_set_group_sid_from_rid(to, from->group_rid, PDB_CHANGED);
        }
        
        DEBUG(10,("INFO_23 ACCT_CTRL: %08X -> %08X\n",pdb_get_acct_ctrl(to),from->acb_info));
-       pdb_set_acct_ctrl(to, from->acb_info);
+       if (from->acb_info != pdb_get_acct_ctrl(to)) {
+               pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED);
+       }
 
-       DEBUG(10,("INFO_23 UNKOWN_3: %08X -> %08X\n",pdb_get_unknown3(to),from->unknown_3));
-       pdb_set_unknown_3(to, from->unknown_3);
-       
+       DEBUG(10,("INFO_23 UNKOWN_3: %08X -> %08X\n",pdb_get_unknown_3(to),from->unknown_3));
+       if (from->unknown_3 != pdb_get_unknown_3(to)) {
+               pdb_set_unknown_3(to, from->unknown_3, PDB_CHANGED);
+       }
 
        DEBUG(15,("INFO_23 LOGON_DIVS: %08X -> %08X\n",pdb_get_logon_divs(to),from->logon_divs));
-       pdb_set_logon_divs(to, from->logon_divs);
+       if (from->logon_divs != pdb_get_logon_divs(to)) {
+               pdb_set_logon_divs(to, from->logon_divs, PDB_CHANGED);
+       }
 
        DEBUG(15,("INFO_23 LOGON_HRS.LEN: %08X -> %08X\n",pdb_get_hours_len(to),from->logon_hrs.len));
-       pdb_set_hours_len(to, from->logon_hrs.len);
+       if (from->logon_hrs.len != pdb_get_hours_len(to)) {
+               pdb_set_hours_len(to, from->logon_hrs.len, PDB_CHANGED);
+       }
+
        DEBUG(15,("INFO_23 LOGON_HRS.HOURS: %s -> %s\n",pdb_get_hours(to),from->logon_hrs.hours));
-       pdb_set_hours(to, from->logon_hrs.hours);
+/* Fix me: only update if it changes --metze */
+       pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED);
 
-       DEBUG(10,("INFO_23 UNKOWN_5: %08X -> %08X\n",pdb_get_unknown5(to),from->unknown_5));
-       pdb_set_unknown_5(to, from->unknown_5);
+       DEBUG(10,("INFO_23 UNKOWN_5: %08X -> %08X\n",pdb_get_unknown_5(to),from->unknown_5));
+       if (from->unknown_5 != pdb_get_unknown_5(to)) {
+               pdb_set_unknown_5(to, from->unknown_5, PDB_CHANGED);
+       }
 
-       DEBUG(10,("INFO_23 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown6(to),from->unknown_6));
-       pdb_set_unknown_6(to, from->unknown_6);
+       DEBUG(10,("INFO_23 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6));
+       if (from->unknown_6 != pdb_get_unknown_6(to)) {
+               pdb_set_unknown_6(to, from->unknown_6, PDB_CHANGED);
+       }
 
        DEBUG(10,("INFO_23 PADDING1 %02X %02X %02X %02X %02X %02X\n",
                  from->padding1[0],
@@ -400,7 +426,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
 
        DEBUG(10,("INFO_23 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange));
        if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) {
-               pdb_set_pass_must_change_time(to,0, True);              
+               pdb_set_pass_must_change_time(to,0, PDB_CHANGED);               
        }
 
        DEBUG(10,("INFO_23 PADDING_2: %02X\n",from->padding2));
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 9e593b022ef8b934eaa9b9a5f5da2c986fdca789..a5274862fc3596381d7f194c52feacf95d3ca937 100644 (file)
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -707,11 +707,11 @@ BOOL change_lanman_password(SAM_ACCOUNT *sampass, uchar * pass1,
                D_P16(pwd, pass2, unenc_new_pw);
        }
 
-       if (!pdb_set_lanman_passwd(sampass, unenc_new_pw)) {
+       if (!pdb_set_lanman_passwd(sampass, unenc_new_pw, PDB_CHANGED)) {
                return False;
        }
 
-       if (!pdb_set_nt_passwd    (sampass, NULL)) {
+       if (!pdb_set_nt_passwd    (sampass, NULL, PDB_CHANGED)) {
                return False;   /* We lose the NT hash. Sorry. */
        }
 
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index f2956237dd202bd100e71975378427f491fa09ee..1e87065e3138ff1ceadabb3a80b5871f93709a7d 100644 (file)
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -134,7 +134,7 @@ int register_vuid(auth_serversupplied_info *server_info, const char *smb_name)
         * the new real sam db won't have reference to unix uids or gids
         */
        if (!IS_SAM_UNIX_USER(server_info->sam_account)) {
-               DEBUG(0,("Attempted session setup with invalid user.  No uid/gid in SAM_ACCOUNT (flags:%x)\n", pdb_get_init_flag(server_info->sam_account)));
+               DEBUG(0,("Attempted session setup with invalid user.  No uid/gid in SAM_ACCOUNT\n"));
                free(vuser);
                return UID_FIELD_INVALID;
        }
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index 00e5dee0ce414547c7f2d44e2c7371c20b9a8046..af778fcc0a6ada6edf628f57ce017353270fba95 100644 (file)
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -199,62 +199,62 @@ sam_account_from_delta(SAM_ACCOUNT *account, SAM_ACCOUNT_INFO *delta)
           desc, workstations, profile. */
 
        unistr2_to_ascii(s, &delta->uni_acct_name, sizeof(s) - 1);
-       pdb_set_nt_username(account, s);
+       pdb_set_nt_username(account, s, PDB_CHANGED);
 
        /* Unix username is the same - for sainity */
-       pdb_set_username(account, s);
+       pdb_set_username(account, s, PDB_CHANGED);
 
        unistr2_to_ascii(s, &delta->uni_full_name, sizeof(s) - 1);
-       pdb_set_fullname(account, s);
+       pdb_set_fullname(account, s, PDB_CHANGED);
 
        unistr2_to_ascii(s, &delta->uni_home_dir, sizeof(s) - 1);
-       pdb_set_homedir(account, s, True);
+       pdb_set_homedir(account, s, PDB_CHANGED);
 
        unistr2_to_ascii(s, &delta->uni_dir_drive, sizeof(s) - 1);
-       pdb_set_dir_drive(account, s, True);
+       pdb_set_dir_drive(account, s, PDB_CHANGED);
 
        unistr2_to_ascii(s, &delta->uni_logon_script, sizeof(s) - 1);
-       pdb_set_logon_script(account, s, True);
+       pdb_set_logon_script(account, s, PDB_CHANGED);
 
        unistr2_to_ascii(s, &delta->uni_acct_desc, sizeof(s) - 1);
-       pdb_set_acct_desc(account, s);
+       pdb_set_acct_desc(account, s, PDB_CHANGED);
 
        unistr2_to_ascii(s, &delta->uni_workstations, sizeof(s) - 1);
-       pdb_set_workstations(account, s);
+       pdb_set_workstations(account, s, PDB_CHANGED);
 
        unistr2_to_ascii(s, &delta->uni_profile, sizeof(s) - 1);
-       pdb_set_profile_path(account, s, True);
+       pdb_set_profile_path(account, s, PDB_CHANGED);
 
        /* User and group sid */
 
-       pdb_set_user_sid_from_rid(account, delta->user_rid);
-       pdb_set_group_sid_from_rid(account, delta->group_rid);
+       pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED);
+       pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED);
 
        /* Logon and password information */
 
-       pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), True);
+       pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), PDB_CHANGED);
        pdb_set_logoff_time(account, nt_time_to_unix(&delta->logoff_time),
-                           True);
-       pdb_set_logon_divs(account, delta->logon_divs);
+                           PDB_CHANGED);
+       pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED);
 
        /* TODO: logon hours */
        /* TODO: bad password count */
        /* TODO: logon count */
 
        pdb_set_pass_last_set_time(
-               account, nt_time_to_unix(&delta->pwd_last_set_time));
+               account, nt_time_to_unix(&delta->pwd_last_set_time), PDB_CHANGED);
 
-       pdb_set_kickoff_time(account, get_time_t_max(), True);
+       pdb_set_kickoff_time(account, get_time_t_max(), PDB_CHANGED);
 
        /* Decode hashes from password hash */
        sam_pwd_hash(delta->user_rid, delta->pass.buf_lm_pwd, lm_passwd, 0);
        sam_pwd_hash(delta->user_rid, delta->pass.buf_nt_pwd, nt_passwd, 0);
-       pdb_set_nt_passwd(account, nt_passwd);
-       pdb_set_lanman_passwd(account, lm_passwd);
+       pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED);
+       pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED);
 
        /* TODO: account expiry time */
 
-       pdb_set_acct_ctrl(account, delta->acb_info);
+       pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED);
        return NT_STATUS_OK;
 }
 
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index 9508e6db7c0fc927ac3fdcd3960c50650dda2690..0151b6b1536d32345b66aeefb7bd45c6793e6e14 100644 (file)
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -247,15 +247,15 @@ static int set_user_info (struct pdb_context *in, char *username, char *fullname
        }
        
        if (fullname)
-               pdb_set_fullname(sam_pwent, fullname);
+               pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED);
        if (homedir)
-               pdb_set_homedir(sam_pwent, homedir, True);
+               pdb_set_homedir(sam_pwent, homedir, PDB_CHANGED);
        if (drive)
-               pdb_set_dir_drive(sam_pwent,drive, True);
+               pdb_set_dir_drive(sam_pwent,drive, PDB_CHANGED);
        if (script)
-               pdb_set_logon_script(sam_pwent, script, True);
+               pdb_set_logon_script(sam_pwent, script, PDB_CHANGED);
        if (profile)
-               pdb_set_profile_path (sam_pwent, profile, True);
+               pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED);
        
        if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent)))
                print_user_info (in, username, True, False);
@@ -285,7 +285,7 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha
        } else {
                fprintf (stderr, "WARNING: user %s does not exist in system passwd\n", username);
                pdb_init_sam(&sam_pwent);
-               if (!pdb_set_username(sam_pwent, username)) {
+               if (!pdb_set_username(sam_pwent, username, PDB_CHANGED)) {
                        return False;
                }
        }
@@ -313,17 +313,17 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha
        SAFE_FREE(password2);
 
        if (fullname)
-               pdb_set_fullname(sam_pwent, fullname);
+               pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED);
        if (homedir)
-               pdb_set_homedir (sam_pwent, homedir, True);
+               pdb_set_homedir (sam_pwent, homedir, PDB_CHANGED);
        if (drive)
-               pdb_set_dir_drive (sam_pwent, drive, True);
+               pdb_set_dir_drive (sam_pwent, drive, PDB_CHANGED);
        if (script)
-               pdb_set_logon_script(sam_pwent, script, True);
+               pdb_set_logon_script(sam_pwent, script, PDB_CHANGED);
        if (profile)
-               pdb_set_profile_path (sam_pwent, profile, True);
+               pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED);
        
-       pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL);
+       pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED);
        
        if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { 
                print_user_info (in, username, True, False);
@@ -361,11 +361,11 @@ static int new_machine (struct pdb_context *in, char *machinename)
        
        pdb_set_plaintext_passwd (sam_pwent, password);
 
-       pdb_set_username (sam_pwent, name);
+       pdb_set_username (sam_pwent, name, PDB_CHANGED);
        
-       pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST);
+       pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED);
        
-       pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS);
+       pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED);
        
        if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) {
                print_user_info (in, name, True, False);
Unnamed repository; edit this file 'description' to name the repository.