PDB_KICKOFFTIME,
PDB_BAD_PASSWORD_TIME,
PDB_CANCHANGETIME,
- PDB_MUSTCHANGETIME,
PDB_PLAINTEXT_PW,
PDB_USERNAME,
PDB_FULLNAME,
time_t bad_password_time; /* last bad password entered */
time_t pass_last_set_time; /* password last set time */
time_t pass_can_change_time; /* password can change time */
- time_t pass_must_change_time; /* password must change time */
const char *username; /* UNIX username string */
const char *domain; /* Windows Domain name */
bool pdb_set_kickoff_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag);
bool pdb_set_bad_password_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag);
bool pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag);
-bool pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag);
bool pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag);
bool pdb_set_hours_len(struct samu *sampass, uint32_t len, enum pdb_value_state flag);
bool pdb_set_logon_divs(struct samu *sampass, uint16_t hours, enum pdb_value_state flag);
user->pass_can_change_time = (time_t)0;
user->logoff_time = get_time_t_max();
user->kickoff_time = get_time_t_max();
- user->pass_must_change_time = get_time_t_max();
user->fields_present = 0x00ffffff;
user->logon_divs = 168; /* hours per week */
user->hours_len = 21; /* 21 times 8 bits = 168 */
pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
- pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
pdb_set_username(sampass, username, PDB_SET);
/* Change from V0 is addition of bad_password_time field. */
pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
- pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
pdb_set_username(sampass, username, PDB_SET);
pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
- pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
pdb_set_username(sampass, username, PDB_SET);
pdb_set_kickoff_time(sampass, convert_uint32_t_to_time_t(kickoff_time), PDB_SET);
pdb_set_bad_password_time(sampass, convert_uint32_t_to_time_t(bad_password_time), PDB_SET);
pdb_set_pass_can_change_time(sampass, convert_uint32_t_to_time_t(pass_can_change_time), PDB_SET);
- pdb_set_pass_must_change_time(sampass, convert_uint32_t_to_time_t(pass_must_change_time), PDB_SET);
pdb_set_pass_last_set_time(sampass, convert_uint32_t_to_time_t(pass_last_set_time), PDB_SET);
pdb_set_username(sampass, username, PDB_SET);
return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag);
}
-bool pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
-{
- sampass->pass_must_change_time = mytime;
- return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag);
-}
-
bool pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
sampass->pass_last_set_time = mytime;
pass_can_change_time, PDB_SET);
}
- temp = smbldap_talloc_single_attribute(
- ldap_state->smbldap_state->ldap_struct,
- entry,
- get_userattr_key2string(ldap_state->schema_ver,
- LDAP_ATTR_PWD_MUST_CHANGE),
- ctx);
- if (temp) {
- pass_must_change_time = (time_t) atol(temp);
- pdb_set_pass_must_change_time(sampass,
- pass_must_change_time, PDB_SET);
- }
-
/* recommend that 'gecos' and 'displayName' should refer to the same
* attribute OID. userFullName depreciated, only used by Samba
* primary rules of LDAP: don't make a new attribute when one is already defined
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_CAN_CHANGE), temp);
SAFE_FREE(temp);
- if (asprintf(&temp, "%li", (long int)pdb_get_pass_must_change_time(sampass)) < 0) {
- return false;
- }
- if (need_update(sampass, PDB_MUSTCHANGETIME))
- smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
- get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_MUST_CHANGE), temp);
- SAFE_FREE(temp);
-
if ((pdb_get_acct_ctrl(sampass)&(ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST))
|| (lp_ldap_passwd_sync()!=LDAP_PASSWD_SYNC_ONLY)) {
PDB_LOGOFFTIME,
PDB_BAD_PASSWORD_TIME,
PDB_CANCHANGETIME, - these are calculated per policy, not stored
- PDB_MUSTCHANGETIME, - these are calculated per policy, not stored
PDB_DOMAIN,
PDB_NTUSERNAME, - this makes no sense, and never really did
PDB_LOGONDIVS,
struct samu *sam_acct = (struct samu *)pytalloc_get_ptr(obj);
PY_CHECK_TYPE(&PyInt_Type, value, return -1;);
- if (!pdb_set_pass_must_change_time(sam_acct, PyInt_AsLong(value), PDB_CHANGED)) {
- return -1;
- }
- return 0;
+
+ /* TODO: make this not a get/set or give a better exception */
+ return -1;
}
static PyObject *py_samu_get_username(PyObject *obj, void *closure)
pdb_get_account_policy(PDB_POLICY_MIN_PASSWORD_AGE, &min_age);
pdb_set_pass_last_set_time(out, time(NULL), PDB_SET);
- if (expire == 0 || expire == (uint32)-1) {
- pdb_set_pass_must_change_time(out, get_time_t_max(), PDB_SET);
- } else {
- pdb_set_pass_must_change_time(out, time(NULL)+expire, PDB_SET);
- }
-
if (min_age == (uint32)-1) {
pdb_set_pass_can_change_time(out, 0, PDB_SET);
} else {