diff options
Diffstat (limited to 'daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c index 7c95ac814..a4869813b 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c @@ -351,6 +351,19 @@ static int ipapwd_pre_add(Slapi_PBlock *pb) slapi_entry_attr_set_charptr(e, "sambaNTPassword", nt); slapi_ch_free_string(&nt); } + + if (is_smb) { + /* with samba integration we need to also set sambaPwdLastSet or + * samba will decide the user has to change the password again */ + if (pwdop->pwdata.changetype == IPA_CHANGETYPE_ADMIN) { + /* if it is an admin change instead we need to let know to + * samba as well that the use rmust change its password */ + slapi_entry_attr_set_long(e, "sambaPwdLastset", 0L); + } else { + slapi_entry_attr_set_long(e, "sambaPwdLastset", + (long)pwdop->pwdata.timeNow); + } + } } rc = LDAP_SUCCESS; @@ -736,6 +749,19 @@ static int ipapwd_pre_mod(Slapi_PBlock *pb) "sambaNTPassword", nt); slapi_ch_free_string(&nt); } + + if (is_smb) { + /* with samba integration we need to also set sambaPwdLastSet or + * samba will decide the user has to change the password again */ + if (pwdop->pwdata.changetype == IPA_CHANGETYPE_ADMIN) { + /* if it is an admin change instead we need to let know to + * samba as well that the use rmust change its password */ + slapi_entry_attr_set_long(e, "sambaPwdLastset", 0L); + } else { + slapi_entry_attr_set_long(e, "sambaPwdLastset", + (long)pwdop->pwdata.timeNow); + } + } } rc = LDAP_SUCCESS; |