From a4b47e71475a06c2e2287613b00648c5f53ae52c Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Mon, 4 Oct 2004 15:53:33 +0000 Subject: [PATCH] r2819: Make 'password history'-behaviour in ldapsam more consistent. Currently we cannot store more then 15 password history entries (windows NT4 allows to store 24) in ldapsam. When choosing more then "15" with pdbedit -P "password history", we fail to initialize the password history upon password change and overwrite the history, effectively using a password history of "1". We do already decrease any history-policy larger then 15 to 15 while storing the password history list attribute in ldap. Guenther --- source/passdb/pdb_ldap.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c index 751ec7e049c..02425810b36 100644 --- a/source/passdb/pdb_ldap.c +++ b/source/passdb/pdb_ldap.c @@ -727,6 +727,9 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state, uint8 *pwhist = NULL; int i; + /* We can only store (sizeof(pstring)-1)/64 password history entries. */ + pwHistLen = MIN(pwHistLen, ((sizeof(temp)-1)/64)); + if ((pwhist = malloc(pwHistLen * PW_HISTORY_ENTRY_LEN)) == NULL){ DEBUG(0, ("init_sam_from_ldap: malloc failed!\n")); return False; -- 2.47.3