summaryrefslogtreecommitdiffstats
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2002-09-25 12:02:57 +0000
committerAndrew Bartlett <abartlet@samba.org>2002-09-25 12:02:57 +0000
commit31b131b0e9208336b99eea6b301d4a7ea93e6b66 (patch)
treee9aa16bdb278c850c0b777eb68a079f13316da86 /source3
parent059838a843e8677e69c79ee8dbdc0e575ca54797 (diff)
downloadsamba-31b131b0e9208336b99eea6b301d4a7ea93e6b66.tar.gz
samba-31b131b0e9208336b99eea6b301d4a7ea93e6b66.tar.xz
samba-31b131b0e9208336b99eea6b301d4a7ea93e6b66.zip
Whenever we deal with adding machine/trusted domain accounts, always reset the
flag to what we expect. This handles the 'upgrade' from unixsam beter (where all $ terminated accounts are machines). Andrew Bartlett (This used to be commit a198940ea6f7b7f3cba38c5a9f695e0731204583)
Diffstat (limited to 'source3')
-rw-r--r--source3/passdb/passdb.c43
1 files changed, 23 insertions, 20 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index e0f0cce67f..b78f26a8e8 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -1003,6 +1003,7 @@ BOOL local_password_change(const char *user_name, int local_flags,
{
struct passwd *pwd = NULL;
SAM_ACCOUNT *sam_pass=NULL;
+ uint16 other_acb;
*err_str = '\0';
*msg_str = '\0';
@@ -1042,31 +1043,33 @@ BOOL local_password_change(const char *user_name, int local_flags,
return False;
}
}
- if (local_flags & LOCAL_TRUST_ACCOUNT) {
- if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST)) {
- slprintf(err_str, err_str_len - 1, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name);
- pdb_free_sam(&sam_pass);
- return False;
- }
- } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) {
- if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST)) {
- slprintf(err_str, err_str_len - 1, "Failed to set 'domain trust account' flags for user %s.\n", user_name);
- pdb_free_sam(&sam_pass);
- return False;
- }
- } else {
- if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL)) {
- slprintf(err_str, err_str_len - 1, "Failed to set 'normal account' flags for user %s.\n", user_name);
- pdb_free_sam(&sam_pass);
- return False;
- }
- }
-
} else {
/* the entry already existed */
local_flags &= ~LOCAL_ADD_USER;
}
+ /* the 'other' acb bits not being changed here */
+ other_acb = (pdb_get_acct_ctrl(sam_pass) & (!(ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST|ACB_NORMAL)));
+ if (local_flags & LOCAL_TRUST_ACCOUNT) {
+ if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST | other_acb) ) {
+ slprintf(err_str, err_str_len - 1, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name);
+ pdb_free_sam(&sam_pass);
+ return False;
+ }
+ } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) {
+ if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST | other_acb)) {
+ slprintf(err_str, err_str_len - 1, "Failed to set 'domain trust account' flags for user %s.\n", user_name);
+ pdb_free_sam(&sam_pass);
+ return False;
+ }
+ } else {
+ if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL | other_acb)) {
+ slprintf(err_str, err_str_len - 1, "Failed to set 'normal account' flags for user %s.\n", user_name);
+ pdb_free_sam(&sam_pass);
+ return False;
+ }
+ }
+
/*
* We are root - just write the new password
* and the valid last change time.