From 97534fffe6d958827eff13d75aff9e6f68e97605 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 24 May 2016 08:51:45 +0200
Subject: [PATCH] s4:rpc_server/samr: only set pwdLastSet to "0" or "-1"

The password_hash module will take care of translating "-1"
to the current time.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 source4/rpc_server/samr/dcesrv_samr.c | 28 ++++++++++++----------------
 1 file changed, 12 insertions(+), 16 deletions(-)

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 4dfbeb080d1..d1a5922afd6 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -3299,14 +3299,13 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
 
 
 		IFSET(SAMR_FIELD_EXPIRED_FLAG) {
-			NTTIME t = 0;
+			const char *t = "0";
 			struct ldb_message_element *set_el;
 			if (r->in.info->info21.password_expired
 					== PASS_DONT_CHANGE_AT_NEXT_LOGON) {
-				unix_to_nt_time(&t, time(NULL));
+				t = "-1";
 			}
-			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
-						 "pwdLastSet", t) != LDB_SUCCESS) {
+			if (ldb_msg_add_string(msg, "pwdLastSet", t) != LDB_SUCCESS) {
 				return NT_STATUS_NO_MEMORY;
 			}
 			set_el = ldb_msg_find_element(msg, "pwdLastSet");
@@ -3386,14 +3385,13 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
 		}
 
 		IFSET(SAMR_FIELD_EXPIRED_FLAG) {
-			NTTIME t = 0;
+			const char *t = "0";
 			struct ldb_message_element *set_el;
 			if (r->in.info->info23.info.password_expired
 					== PASS_DONT_CHANGE_AT_NEXT_LOGON) {
-				unix_to_nt_time(&t, time(NULL));
+				t = "-1";
 			}
-			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
-						 "pwdLastSet", t) != LDB_SUCCESS) {
+			if (ldb_msg_add_string(msg, "pwdLastSet", t) != LDB_SUCCESS) {
 				return NT_STATUS_NO_MEMORY;
 			}
 			set_el = ldb_msg_find_element(msg, "pwdLastSet");
@@ -3494,14 +3492,13 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
 		}
 
 		IFSET(SAMR_FIELD_EXPIRED_FLAG) {
-			NTTIME t = 0;
+			const char *t = "0";
 			struct ldb_message_element *set_el;
 			if (r->in.info->info25.info.password_expired
 					== PASS_DONT_CHANGE_AT_NEXT_LOGON) {
-				unix_to_nt_time(&t, time(NULL));
+				t = "-1";
 			}
-			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
-						 "pwdLastSet", t) != LDB_SUCCESS) {
+			if (ldb_msg_add_string(msg, "pwdLastSet", t) != LDB_SUCCESS) {
 				return NT_STATUS_NO_MEMORY;
 			}
 			set_el = ldb_msg_find_element(msg, "pwdLastSet");
@@ -3523,14 +3520,13 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
 		}
 
 		if (r->in.info->info26.password_expired > 0) {
-			NTTIME t = 0;
+			const char *t = "0";
 			struct ldb_message_element *set_el;
 			if (r->in.info->info26.password_expired
 					== PASS_DONT_CHANGE_AT_NEXT_LOGON) {
-				unix_to_nt_time(&t, time(NULL));
+				t = "-1";
 			}
-			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
-						 "pwdLastSet", t) != LDB_SUCCESS) {
+			if (ldb_msg_add_string(msg, "pwdLastSet", t) != LDB_SUCCESS) {
 				return NT_STATUS_NO_MEMORY;
 			}
 			set_el = ldb_msg_find_element(msg, "pwdLastSet");
-- 
2.11.4.GIT