diff options
author | Andrew Bartlett <abartlet@samba.org> | 2002-09-25 12:02:57 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2002-09-25 12:02:57 +0000 |
commit | 31b131b0e9208336b99eea6b301d4a7ea93e6b66 (patch) | |
tree | e9aa16bdb278c850c0b777eb68a079f13316da86 /source3/passdb | |
parent | 059838a843e8677e69c79ee8dbdc0e575ca54797 (diff) | |
download | samba-31b131b0e9208336b99eea6b301d4a7ea93e6b66.tar.gz samba-31b131b0e9208336b99eea6b301d4a7ea93e6b66.tar.xz samba-31b131b0e9208336b99eea6b301d4a7ea93e6b66.zip |
Whenever we deal with adding machine/trusted domain accounts, always reset the
flag to what we expect. This handles the 'upgrade' from unixsam beter (where
all $ terminated accounts are machines).
Andrew Bartlett
(This used to be commit a198940ea6f7b7f3cba38c5a9f695e0731204583)
Diffstat (limited to 'source3/passdb')
-rw-r--r-- | source3/passdb/passdb.c | 43 |
1 files changed, 23 insertions, 20 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index e0f0cce67f..b78f26a8e8 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -1003,6 +1003,7 @@ BOOL local_password_change(const char *user_name, int local_flags, { struct passwd *pwd = NULL; SAM_ACCOUNT *sam_pass=NULL; + uint16 other_acb; *err_str = '\0'; *msg_str = '\0'; @@ -1042,31 +1043,33 @@ BOOL local_password_change(const char *user_name, int local_flags, return False; } } - if (local_flags & LOCAL_TRUST_ACCOUNT) { - if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST)) { - slprintf(err_str, err_str_len - 1, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name); - pdb_free_sam(&sam_pass); - return False; - } - } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) { - if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST)) { - slprintf(err_str, err_str_len - 1, "Failed to set 'domain trust account' flags for user %s.\n", user_name); - pdb_free_sam(&sam_pass); - return False; - } - } else { - if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL)) { - slprintf(err_str, err_str_len - 1, "Failed to set 'normal account' flags for user %s.\n", user_name); - pdb_free_sam(&sam_pass); - return False; - } - } - } else { /* the entry already existed */ local_flags &= ~LOCAL_ADD_USER; } + /* the 'other' acb bits not being changed here */ + other_acb = (pdb_get_acct_ctrl(sam_pass) & (!(ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST|ACB_NORMAL))); + if (local_flags & LOCAL_TRUST_ACCOUNT) { + if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST | other_acb) ) { + slprintf(err_str, err_str_len - 1, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name); + pdb_free_sam(&sam_pass); + return False; + } + } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) { + if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST | other_acb)) { + slprintf(err_str, err_str_len - 1, "Failed to set 'domain trust account' flags for user %s.\n", user_name); + pdb_free_sam(&sam_pass); + return False; + } + } else { + if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL | other_acb)) { + slprintf(err_str, err_str_len - 1, "Failed to set 'normal account' flags for user %s.\n", user_name); + pdb_free_sam(&sam_pass); + return False; + } + } + /* * We are root - just write the new password * and the valid last change time. |