dsdb: Reduce minimum maxPwdAge from 1 day to nil

This allows us to have tests, which pass on Windows, that
use a very short maxPwdAge.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 3669479f22f2109a64250ffabd1f6453882d29f1)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15655

diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c
index 8c8bfa89ddef1ad0469cc287707333bdec8959d1..9ca96ac27de5b70a1520d33a7d6e73c8c2a90d6c 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/operational.c
+++ b/source4/dsdb/samdb/ldb_modules/operational.c
@@ -786,13 +786,13 @@ static NTTIME get_msds_user_password_expiry_time_computed(struct ldb_module *mod
         *
         * Possible values are in the range of:
         *
-        * maxPwdAge: -864000000001
+        * maxPwdAge: -2
         * to
         * maxPwdAge: -9223372036854775808 (-0x8000000000000000ULL)
         *
         */
        maxPwdAge = get_user_max_pwd_age(module, msg, parent, domain_dn);
-       if (maxPwdAge >= -864000000000) {
+       if (maxPwdAge >= -1) {
                /*
                 * This is not really possible...
                 */