From 245d0f1b3dd844c680bfa9b1d9e56d26305e6bae Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 1 Apr 2014 10:54:27 +0200
Subject: [PATCH] s4:dsdb/samldb: remove fantasy code from
 samldb_user_account_control_change()

Setting UF_PASSWORD_EXPIRED doesn't reset "pwdLastSet" to "0"!

Change-Id: I9e004195ad864b8b3fe036986b1087398d1f6fc5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 source4/dsdb/samdb/ldb_modules/samldb.c | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index a8dcf91f23c..c2fcdbbad5d 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1573,16 +1573,6 @@ static int samldb_user_account_control_change(struct samldb_ctx *ac)
 		uac_generated = true;
 	}
 	if ((user_account_control & UF_PASSWORD_EXPIRED) != 0) {
-		/* "pwdLastSet" reset as password expiration has been forced  */
-		ldb_msg_remove_attr(ac->msg, "pwdLastSet");
-		ret = samdb_msg_add_uint64(ldb, ac->msg, ac->msg, "pwdLastSet",
-					   (NTTIME)0);
-		if (ret != LDB_SUCCESS) {
-			return ret;
-		}
-		el = ldb_msg_find_element(ac->msg, "pwdLastSet");
-		el->flags = LDB_FLAG_MOD_REPLACE;
-
 		user_account_control &= ~UF_PASSWORD_EXPIRED;
 		uac_generated = true;
 	}
-- 
2.11.4.GIT