summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-11-08 11:33:53 +0100
committerMatthias Dieter Wallnöfer <mdw@samba.org>2010-11-08 11:27:03 +0000
commit0bfbf6d5264fb45d9b788a9dabad18826db1a875 (patch)
tree03b926e8ccbfafbb4f5ad5529aac6eeacac10b23 /source4
parent9154d4dcfc142c0a549993f2e1083eb52a759213 (diff)
downloadsamba-0bfbf6d5264fb45d9b788a9dabad18826db1a875.tar.gz
s4:password_hash LDB module - deleting password attributes is a little more complicated
Diffstat (limited to 'source4')
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index e5785f7fb7e..731b8e9922c 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1916,6 +1916,12 @@ static int setup_io(struct ph_context *ac,
ldb_asprintf_errstring(ldb,
"setup_io: "
"It' not possible to delete the password (changes using the LAN Manager hash alone could be deactivated)!");
+ /* on "userPassword" and "clearTextPassword" we've to return
+ * something different, since these are virtual attributes */
+ if ((ldb_msg_find_element(orig_msg, "userPassword") != NULL) ||
+ (ldb_msg_find_element(orig_msg, "clearTextPassword") != NULL)) {
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
return LDB_ERR_UNWILLING_TO_PERFORM;
}
@@ -2514,12 +2520,6 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r
ldb_msg_remove_element(msg, passwordAttr);
}
}
- if ((del_attr_cnt > 0) && (add_attr_cnt == 0)) {
- talloc_free(ac);
- ldb_set_errstring(ldb,
- "Only the delete action for a password change specified!");
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
if ((del_attr_cnt == 0) && (add_attr_cnt > 0)) {
talloc_free(ac);
ldb_set_errstring(ldb,