From 34fe16e445bd9da762cedb0dd0872959f31ecd67 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 19 Feb 2004 16:00:29 +0000 Subject: [PATCH] Add bad password reset and display of bad password count/time --- source/utils/pdbedit.c | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c index 83663c52b6c..733a1289da3 100644 --- a/source/utils/pdbedit.c +++ b/source/utils/pdbedit.c @@ -48,6 +48,7 @@ #define BIT_IMPORT 0x01000000 #define BIT_EXPORT 0x02000000 #define BIT_FIX_INIT 0x04000000 +#define BIT_BADPWRESET 0x08000000 #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00401F00 @@ -153,6 +154,11 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst tmp = pdb_get_pass_must_change_time(sam_pwent); printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_bad_password_time(sam_pwent); + printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Bad password count : %d\n", + pdb_get_bad_password_count(sam_pwent)); } else if (smbpwdstyle) { char lm_passwd[33]; @@ -277,7 +283,8 @@ static int set_user_info (struct pdb_context *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, const char *profile, const char *account_control, - const char *user_sid, const char *group_sid) + const char *user_sid, const char *group_sid, + const BOOL badpw) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -348,6 +355,11 @@ static int set_user_info (struct pdb_context *in, const char *username, } pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED); } + + if (badpw) { + pdb_set_bad_password_count(sam_pwent, 0, PDB_CHANGED); + pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED); + } if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); @@ -595,6 +607,7 @@ int main (int argc, char **argv) static char *group_sid = NULL; static long int account_policy_value = 0; BOOL account_policy_value_set = False; + static BOOL badpw_reset = False; struct pdb_context *bin; struct pdb_context *bout; @@ -625,6 +638,7 @@ int main (int argc, char **argv) {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, + {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, POPT_COMMON_SAMBA POPT_TABLEEND }; @@ -677,7 +691,8 @@ int main (int argc, char **argv) (account_policy ? BIT_ACCPOLICY : 0) + (account_policy_value_set ? BIT_ACCPOLVAL : 0) + (backend_in ? BIT_IMPORT : 0) + - (backend_out ? BIT_EXPORT : 0); + (backend_out ? BIT_EXPORT : 0) + + (badpw_reset ? BIT_BADPWRESET : 0); if (setparms & BIT_BACKEND) { if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) { @@ -774,6 +789,12 @@ int main (int argc, char **argv) /* mask out users options */ checkparms &= ~MASK_USER_GOOD; + + /* if bad password count is reset, we must be modifying */ + if (checkparms & BIT_BADPWRESET) { + checkparms |= BIT_MODIFY; + checkparms &= ~BIT_BADPWRESET; + } /* account operation */ if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) { @@ -810,7 +831,8 @@ int main (int argc, char **argv) home_drive, logon_script, profile_path, account_control, - user_sid, group_sid); + user_sid, group_sid, + badpw_reset); } } -- 2.11.4.GIT