From 029351571a5bd65a467ff9e7844a7a1ef3d688a0 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Matthias=20Dieter=20Walln=C3=B6fer?= <mwallnoefer@yahoo.de>
Date: Thu, 3 Dec 2009 10:48:44 +0100
Subject: [PATCH] s4:samdb_set_password - adapt it for the user password change
 handling

Make use of the new "change old password checked" control.
---
 source4/dsdb/common/util.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index a63c4204cc6..5deb1d08b15 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1994,6 +1994,18 @@ NTSTATUS samdb_set_password(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
 		return NT_STATUS_NO_MEMORY;
         }
 
+	if (user_change) {
+		/* a user password change and we've checked already the old
+		 * password somewhere else (callers responsability) */
+		ret = ldb_request_add_control(req,
+					      DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID,
+					      true, NULL);
+		if (ret != LDB_SUCCESS) {
+			talloc_free(req);
+			talloc_free(msg);
+			return NT_STATUS_NO_MEMORY;
+		}
+	}
 	ret = ldb_request_add_control(req,
 				      DSDB_CONTROL_PASSWORD_HASH_VALUES_OID,
 				      true, NULL);
-- 
2.11.4.GIT