dsdb: Fix the password expiry calculation
author Amitay Isaacs <amitay@gmail.com>
Thu, 17 Nov 2011 23:34:44 +0000 (10:34 +1100)
committer Amitay Isaacs <amitay@gmail.com>
Fri, 18 Nov 2011 03:38:28 +0000 (14:38 +1100)
As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if

  pwdLastSet = null, or
  pwdLastSet = 0, or
  (maxPwdAge != 0x8000000000000000 and (ST - pwdLastSet) > maxPwdAge)

source4/dsdb/common/util.c

index cae6bd45b3bcf0cd36aeb9ba4c97d98ae9d69169..826a1e459203733b1f0716be718d88e4b429b135 100644 (file)
@@ -505,7 +505,7 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
 
        maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn,
                                       "maxPwdAge", NULL);
-       if (maxPwdAge == 0) {
+       if (maxPwdAge == 0 || maxPwdAge == -0x8000000000000000ULL) {
                return 0x7FFFFFFFFFFFFFFFULL;
        } else {
                attr_time -= maxPwdAge;
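
Review bot: The added comparison `maxPwdAge == -0x8000000000000000ULL` on the changed `if` line applies unary minus to an unsigned literal, so it matches only through unsigned wraparound plus an implicit conversion of maxPwdAge to unsigned (assuming maxPwdAge is the signed 64-bit value that samdb_search_int64 suggests). Writing it as `maxPwdAge == INT64_MIN`, or as a named constant for the "never expires" value, states the intent directly and avoids a signed/unsigned comparison. The commit message names only 0x8000000000000000 as the non-expiring value, while the code still keeps `maxPwdAge == 0` in the same branch; a short comment above the `if` citing the MS-ADTS section and saying why 0 is also treated as non-expiring would make that intentional.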