summaryrefslogtreecommitdiffstats
path: root/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
diff options
context:
space:
mode:
Diffstat (limited to 'daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c')
-rw-r--r--daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
index 7c95ac814..a4869813b 100644
--- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
+++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
@@ -351,6 +351,19 @@ static int ipapwd_pre_add(Slapi_PBlock *pb)
slapi_entry_attr_set_charptr(e, "sambaNTPassword", nt);
slapi_ch_free_string(&nt);
}
+
+ if (is_smb) {
+ /* with samba integration we need to also set sambaPwdLastSet or
+ * samba will decide the user has to change the password again */
+ if (pwdop->pwdata.changetype == IPA_CHANGETYPE_ADMIN) {
+ /* if it is an admin change instead we need to let know to
+ * samba as well that the use rmust change its password */
+ slapi_entry_attr_set_long(e, "sambaPwdLastset", 0L);
+ } else {
+ slapi_entry_attr_set_long(e, "sambaPwdLastset",
+ (long)pwdop->pwdata.timeNow);
+ }
+ }
}
rc = LDAP_SUCCESS;
@@ -736,6 +749,19 @@ static int ipapwd_pre_mod(Slapi_PBlock *pb)
"sambaNTPassword", nt);
slapi_ch_free_string(&nt);
}
+
+ if (is_smb) {
+ /* with samba integration we need to also set sambaPwdLastSet or
+ * samba will decide the user has to change the password again */
+ if (pwdop->pwdata.changetype == IPA_CHANGETYPE_ADMIN) {
+ /* if it is an admin change instead we need to let know to
+ * samba as well that the use rmust change its password */
+ slapi_entry_attr_set_long(e, "sambaPwdLastset", 0L);
+ } else {
+ slapi_entry_attr_set_long(e, "sambaPwdLastset",
+ (long)pwdop->pwdata.timeNow);
+ }
+ }
}
rc = LDAP_SUCCESS;
generated by cgit (git 2.34.1) at 2024-05-09 21:40:44 +0000