On Mon, 2004-07-05 at 06:56, Gerald (Jerry) Carter wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Sat, 3 Jul 2004, Tilo Lutz wrote: > > > None of my acounts in ldap have set sambaPwdLastSet, even those acounts > > which became disabled. If I have understand you right, samba should not > > disable account if the attribute sambaPwdLastSet is not defined in ldap? > > If the attribute is not defined smbd gives it an implicit value of 0.
If that's what caused the issue, then there is a bug (which I'm happy to
look into and fix).
/* only reset a password if the last set time has been
explicitly been set to zero. A default last set time
is ignored */
if ( (pdb_get_init_flags(pass, PDB_PASSLASTSET) != PDB_DEFAULT)
&& (pdb_get_pass_last_set_time(pass) == 0) )
{
The intention of the logic was that if the value was undefined in LDAP,
the flags would be set to PDB_DEFAULT and it would not be treated as
'defined as zero' for this test.
Andrew Bartlett
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
