summaryrefslogtreecommitdiffstats
path: root/source3/auth/check_samsec.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/auth/check_samsec.c')
-rw-r--r--source3/auth/check_samsec.c22
1 files changed, 11 insertions, 11 deletions
diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c
index 8bcd40e2de..ff634aa496 100644
--- a/source3/auth/check_samsec.c
+++ b/source3/auth/check_samsec.c
@@ -458,15 +458,21 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
goto done;
}
+ /*
+ * We must only reset the bad password count if the login was
+ * successful, including checking account policies
+ */
+ nt_status = sam_account_ok(mem_ctx, sampass, user_info);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ goto done;
+ }
+
if ((acct_ctrl & ACB_NORMAL) &&
(pdb_get_bad_password_count(sampass) > 0)){
+ NTSTATUS status;
+
pdb_set_bad_password_count(sampass, 0, PDB_CHANGED);
pdb_set_bad_password_time(sampass, 0, PDB_CHANGED);
- updated_badpw = True;
- }
-
- if (updated_badpw){
- NTSTATUS status;
become_root();
status = pdb_update_sam_account(sampass);
@@ -478,12 +484,6 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
}
}
- nt_status = sam_account_ok(mem_ctx, sampass, user_info);
-
- if (!NT_STATUS_IS_OK(nt_status)) {
- goto done;
- }
-
become_root();
nt_status = make_server_info_sam(mem_ctx, sampass, server_info);
unbecome_root();
generated by cgit (git 2.34.1) at 2024-09-25 14:31:03 +0000