]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3669479) | patch
dsdb: UF_SMARTCARD_REQUIRED can have a password expiry, if configured!
authorAndrew Bartlett <abartlet@samba.org>
Tue, 2 Apr 2024 22:54:00 +0000 (11:54 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Mon, 10 Jun 2024 04:27:30 +0000 (04:27 +0000)
commitcc3ea4ed571ca033c357cebeea4511ba6dd9fa81
tree9e22b40bed443ac4973b45f2bcbc63f1658c0c7dtree | snapshot
parent3669479f22f2109a64250ffabd1f6453882d29f1commit | diff
dsdb: UF_SMARTCARD_REQUIRED can have a password expiry, if configured!

While the passwords are random and rolled on the server, we can tell
about the expiry by setting pwdLastSet to 0.

Samba now honours the password expiry.

This is only enabled for domain functional level 2016 and when
msDS-ExpirePasswordsOnSmartCardOnlyAccounts is set to TRUE.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
selftest/knownfail_heimdal_kdc diff | blob | blame | history
source4/dsdb/samdb/ldb_modules/operational.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git