From: Stefan Metzmacher Date: Thu, 11 Feb 2016 07:31:46 +0000 (+0100) Subject: s4:dsdb/samldb: add DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID when defaulting pwdLas... X-Git-Tag: tdb-1.3.10~680 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5980d123b8eaaff5d543f309c7886f6cb16efbe4;p=thirdparty%2Fsamba.git s4:dsdb/samldb: add DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID when defaulting pwdLastSet=0 BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett
---
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 667bd866a6f..b27c73bb9be 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -772,13 +772,21 @@ struct ldb_message_element *samdb_find_attribute(struct ldb_context *ldb,
 return NULL;
 }
-int samdb_find_or_add_attribute(struct ldb_context *ldb, struct ldb_message *msg, const char *name, const char *set_value)
+static int samdb_find_or_add_attribute_ex(struct ldb_context *ldb,
+ struct ldb_message *msg,
+ const char *name,
+ const char *set_value,
+ bool *added)
 {
 int ret;
 struct ldb_message_element *el;
 el = ldb_msg_find_element(msg, name);
 if (el) {
+ if (added != NULL) {
+ *added = false;
+ }
+
 return LDB_SUCCESS;
 }
@@ -787,9 +795,17 @@ int samdb_find_or_add_attribute(struct ldb_context *ldb, struct ldb_message *msg
 return ret;
 }
 msg->elements[msg->num_elements - 1].flags = LDB_FLAG_MOD_ADD;
+ if (added != NULL) {
+ *added = true;
+ }
 return LDB_SUCCESS;
 }
+int samdb_find_or_add_attribute(struct ldb_context *ldb, struct ldb_message *msg, const char *name, const char *set_value)
+{
+ return samdb_find_or_add_attribute_ex(ldb, msg, name, set_value, NULL);
+}
+
 /*
 add a dom_sid element to a message
 */
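Review bot: samdb_find_or_add_attribute_ex() is introduced without any comment, and the contract of its `added` out-parameter is not obvious from the signature: in the visible lines it is written only on the two LDB_SUCCESS returns and left untouched on the `return ret;` error path. A short comment above the function would settle this, for example `/* *added (optional) is set to true only if this call appended the attribute; it is not written on error */`. The function body spans this hunk and the next one, with two lines in between that the diff does not show.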
@@ -5225,12 +5241,15 @@ NTSTATUS dsdb_update_bad_pwd_count(TALLOC_CTX *mem_ctx,
 * codePage, countryCode, lastLogoff, lastLogon
 * logonCount, pwdLastSet
 */
-int dsdb_user_obj_set_defaults(struct ldb_context *ldb, struct ldb_message *usr_obj)
+int dsdb_user_obj_set_defaults(struct ldb_context *ldb,
+ struct ldb_message *usr_obj,
+ struct ldb_request *req)
 {
 int i, ret;
 const struct attribute_values {
 const char *name;
 const char *value;
+ const char *add_control;
 } map[] = {
 {
 .name = "accountExpires",
@@ -5266,16 +5285,30 @@ int dsdb_user_obj_set_defaults(struct ldb_context *ldb, struct ldb_message *usr_
 },
 {
 .name = "pwdLastSet",
- .value = "0"
+ .value = "0",
+ .add_control = DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID,
 }
 };
 for (i = 0; i < ARRAY_SIZE(map); i++) {
- ret = samdb_find_or_add_attribute(ldb, usr_obj,
- map[i].name, map[i].value);
+ bool added = false;
+
+ ret = samdb_find_or_add_attribute_ex(ldb, usr_obj,
+ map[i].name,
+ map[i].value,
+ &added);
 if (ret != LDB_SUCCESS) {
 return ret;
 }
+
+ if (req != NULL && added && map[i].add_control != NULL) {
+ ret = ldb_request_add_control(req,
+ map[i].add_control,
+ false, NULL);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ }
 }
 return LDB_SUCCESS;
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index ea88e4b4fe8..19229eb800c 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1126,7 +1126,7 @@ static int samldb_objectclass_trigger(struct samldb_ctx *ac)
 bool uac_generated = false, uac_add_flags = false;
 /* Step 1.2: Default values */
- ret = dsdb_user_obj_set_defaults(ldb, ac->msg);
+ ret = dsdb_user_obj_set_defaults(ldb, ac->msg, ac->req);
 if (ret != LDB_SUCCESS) return ret;
 /* On add operations we might need to generate a
diff --git a/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c b/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c
index 0c6c500c7e9..fad856f9bbd 100644
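Review bot: The comment block above dsdb_user_obj_set_defaults(), whose tail is the context at the top of the `-5225` hunk, still only lists the defaulted attributes and does not mention the new `req` parameter. It should say that `req` may be NULL and that a non-NULL request can be modified as a side effect, for example ` * If req is not NULL and pwdLastSet had to be defaulted, DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID is added to req.`. The comment starts above the hunk and the function body continues in the following hunk.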
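Review bot: The new `ldb_request_add_control()` call in the loop of dsdb_user_obj_set_defaults() (the `-5266` hunk) has no guard for a request that already carries the same OID. As far as I recall ldb refuses a duplicate OID, so a second pass over the same request, or a caller that pre-set the control, would turn a defaulted pwdLastSet into a failed operation. Consider wrapping the call in `if (ldb_request_get_control(req, map[i].add_control) == NULL)`, or state in the function comment that the control must not be present on entry. Because the control tells later modules that pwdLastSet=0 was defaulted rather than supplied, it is also worth confirming, outside this diff, that this OID cannot arrive on a client-supplied request. The function begins in the previous hunk.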
--- a/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c
+++ b/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c
@@ -239,7 +239,7 @@ static int tr_restore_attributes(struct ldb_context *ldb, struct ldb_message *cu
 /* restoring 'user' instance attribute is heavily borrowed from samldb.c */
 /* Default values */
- ret = dsdb_user_obj_set_defaults(ldb, new_msg);
+ ret = dsdb_user_obj_set_defaults(ldb, new_msg, NULL);
 if (ret != LDB_SUCCESS) return ret;
 /* Following are set only while reanimating objects */
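Review bot: The `NULL` passed to dsdb_user_obj_set_defaults() in tr_restore_attributes() means a reanimated user whose pwdLastSet is defaulted to 0 is not flagged with DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID, unlike the samldb add path, and nothing at the call site says this is intended. If it is deliberate, a comment such as `/* no request passed: a defaulted pwdLastSet is not flagged via control on reanimation */` would stop the two paths from being aligned by mistake later. If it is not deliberate, the request has to be made available to this call. Most of the function body lies outside the hunk.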