sam->domain_sid->num_auths--;
sam->last_logon = server_info->last_logon;
- sam->last_logoff = server_info->last_logoff;
+ sam->last_logoff = server_info->last_logoff;
sam->acct_expiry = server_info->acct_expiry;
sam->last_password_change = server_info->last_password_change;
sam->allow_password_change = server_info->allow_password_change;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(server_info->logon_server, tmp_ctx);
server_info->last_logon = samdb_result_nttime(msg, "lastLogon", 0);
- server_info->last_logoff = samdb_result_nttime(msg, "lastLogoff", 0);
+ server_info->last_logoff = samdb_result_last_logoff(msg);
server_info->acct_expiry = samdb_result_account_expires(msg);
server_info->last_password_change = samdb_result_nttime(msg, "pwdLastSet", 0);
return ldb_msg_find_attr_as_uint64(msg, attr, default_value);
}
+/*
+ * Windows stores 0 for lastLogoff.
+ * But when a MS DC return the lastLogoff (as Logoff Time)
+ * it returns 0x7FFFFFFFFFFFFFFF, not returning this value in this case
+ * cause windows 2008 and newer version to fail for SMB requests
+ */
+NTTIME samdb_result_last_logoff(struct ldb_message *msg)
+{
+ NTTIME ret = ldb_msg_find_attr_as_uint64(msg, "lastLogoff",0);
+
+ if (ret == 0)
+ ret = 0x7FFFFFFFFFFFFFFFULL;
+
+ return ret;
+}
+
/*
* Windows uses both 0 and 9223372036854775807 (0x7FFFFFFFFFFFFFFFULL) to
* indicate an account doesn't expire.