--- pdbedit.c.ori	2007-04-24 13:47:46.050049872 +0200
+++ pdbedit.c	2007-04-24 13:47:15.033828893 +0200
@@ -50,6 +50,7 @@
 #define BIT_FIX_INIT    0x04000000
 #define BIT_BADPWRESET	0x08000000
 #define BIT_LOGONHOURS	0x10000000
+#define BIT_EXPIRE      0x20000000
 
 #define MASK_ALWAYS_GOOD	0x0000001F
 #define MASK_USER_GOOD		0x00405FE0
@@ -358,6 +359,46 @@
 }
 
 /*********************************************************
+ Reset password exparation for a list of Users 
+ Dr. Tilo Levante 15. April 2004
+**********************************************************/
+static int reset_password_expiration (struct pdb_context *in)
+{
+       SAM_ACCOUNT *sam_pwent=NULL;
+       BOOL check, ret;
+       
+       check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False));
+       if (!check) {
+               return 1;
+       }
+
+       check = True;
+       if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1;
+
+       while (check && (ret = NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent)))) {
+               printf("Updating record for user %s\n", pdb_get_username(sam_pwent));
+       
+               if (!pdb_set_pass_changed_now (sam_pwent)) {
+                       printf("Update of user %s expiration date failed!\n", pdb_get_username(sam_pwent));
+               }else{
+                 if (!pdb_update_sam_account(sam_pwent)) {
+                       printf("Update of user %s failed!\n", pdb_get_username(sam_pwent));
+                 }
+               }
+               pdb_free_sam(&sam_pwent);
+               check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent));
+               if (!check) {
+                       fprintf(stderr, "Failed to initialise new SAM_ACCOUNT structure (out of memory?)\n");
+               }
+                       
+       }
+       if (check) pdb_free_sam(&sam_pwent);
+       
+       in->pdb_endsampwent(in);
+       return 0;
+}
+
+/*********************************************************
  Fix a list of Users for uninitialised passwords
 **********************************************************/
 static int fix_users_list (struct pdb_methods *in)
@@ -748,6 +789,7 @@
 	static BOOL transfer_account_policies = False;
 	static BOOL reset_account_policies = False;
 	static BOOL  force_initialised_password = False;
+        static BOOL  reset_expire_passwords = False;
 	static char *logon_script = NULL;
 	static char *profile_path = NULL;
 	static char *user_domain = NULL;
@@ -790,6 +832,7 @@
 		{"value",       'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL},
 		{"account-control",	'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL},
 		{"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL},
+                {"reset-expire-passwords", 0, POPT_ARG_NONE, &reset_expire_passwords, 0, "Reset passwort expiration", NULL},
 		{"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL},
 		{"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL},
 		{"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL },
@@ -850,6 +893,7 @@
 			(user_name ? BIT_USER : 0) +
 			(list_users ? BIT_LIST : 0) +
 			(force_initialised_password ? BIT_FIX_INIT : 0) +
+                        (reset_expire_passwords ? BIT_EXPIRE : 0) +
 			(user_sid ? BIT_USERSIDS : 0) +
 			(modify_user ? BIT_MODIFY : 0) +
 			(add_user ? BIT_CREATE : 0) +
@@ -880,6 +924,10 @@
 	if (checkparms & BIT_FIX_INIT) {
 		return fix_users_list(bdef);
 	}
+       
+	if (checkparms & BIT_EXPIRE) {
+		return reset_password_expiration(bdef);
+	}
 
 	/* account policy operations */
 	if ((checkparms & BIT_ACCPOLICY) && !(checkparms & ~(BIT_ACCPOLICY + BIT_ACCPOLVAL))) {