1 --- pam_ldap-176/pam_ldap.c 2011-01-06 07:37:12.000000000 -0800
2 +++ pam_ldap-176/pam_ldap.c 2011-01-06 07:38:59.000000000 -0800
7 - if (!(session->conf->rootbinddn && getuid () == 0))
8 + if (!(session->conf->rootbinddn && getuid () == 0 && !(flags & PAM_CHANGE_EXPIRED_AUTHTOK)))
10 /* we are not root, authenticate old password */
11 if (try_first_pass || use_first_pass)