From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 3 Feb 2016 18:33:51 +0000 (+0100)
Subject: s4:auth/sam: don't update lastLogon just because it's 0 currently
X-Git-Tag: tdb-1.3.10~617
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=869616ceb913d90ce0108fc8ccd97ae0844fd66c;p=thirdparty%2Fsamba.git

s4:auth/sam: don't update lastLogon just because it's 0 currently

Non interactive logons doesn't trigger an update
unless the (effective) badPwdCount is not 0 and lockoutTime is 0.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 7d3e0755340..302a4e9b4f1 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -808,7 +808,6 @@ NTSTATUS authsam_logon_success_accounting(struct ldb_context *sam_ctx,
 	struct timeval tv_now;
 	NTTIME now;
 	NTTIME lastLogonTimestamp;
-	NTTIME lastLogon;
 
 	mem_ctx = talloc_new(msg);
 	if (mem_ctx == NULL) {
@@ -824,7 +823,6 @@ NTSTATUS authsam_logon_success_accounting(struct ldb_context *sam_ctx,
 	}
 	lastLogonTimestamp =
 		ldb_msg_find_attr_as_int64(msg, "lastLogonTimestamp", 0);
-	lastLogon = ldb_msg_find_attr_as_int64(msg, "lastLogon", 0);
 
 	DEBUG(5, ("lastLogonTimestamp is %lld\n",
 		  (long long int)lastLogonTimestamp));
@@ -856,7 +854,7 @@ NTSTATUS authsam_logon_success_accounting(struct ldb_context *sam_ctx,
 	tv_now = timeval_current();
 	now = timeval_to_nttime(&tv_now);
 
-	if (interactive_or_kerberos || lastLogon == 0 ||
+	if (interactive_or_kerberos ||
 	    (badPwdCount != 0 && lockoutTime == 0)) {
 		ret = samdb_msg_add_int64(sam_ctx, msg_mod, msg_mod,
 					  "lastLogon", now);