diff options
Diffstat (limited to 'source3/auth/check_samsec.c')
-rw-r--r-- | source3/auth/check_samsec.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c index 8bcd40e2de..ff634aa496 100644 --- a/source3/auth/check_samsec.c +++ b/source3/auth/check_samsec.c @@ -458,15 +458,21 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge, goto done; } + /* + * We must only reset the bad password count if the login was + * successful, including checking account policies + */ + nt_status = sam_account_ok(mem_ctx, sampass, user_info); + if (!NT_STATUS_IS_OK(nt_status)) { + goto done; + } + if ((acct_ctrl & ACB_NORMAL) && (pdb_get_bad_password_count(sampass) > 0)){ + NTSTATUS status; + pdb_set_bad_password_count(sampass, 0, PDB_CHANGED); pdb_set_bad_password_time(sampass, 0, PDB_CHANGED); - updated_badpw = True; - } - - if (updated_badpw){ - NTSTATUS status; become_root(); status = pdb_update_sam_account(sampass); @@ -478,12 +484,6 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge, } } - nt_status = sam_account_ok(mem_ctx, sampass, user_info); - - if (!NT_STATUS_IS_OK(nt_status)) { - goto done; - } - become_root(); nt_status = make_server_info_sam(mem_ctx, sampass, server_info); unbecome_root(); |