4485 – ldapsam is limited to 15 password history entries

Bug 4485 - ldapsam is limited to 15 password history entries

Summary: ldapsam is limited to 15 password history entries

Status:	NEW

Alias:	None

Product:	Samba 3.0
Classification:	Unclassified
Component:	Domain Control (show other bugs)
Version:	3.0.11
Hardware:	All Linux

Importance:	P3 normal
Target Milestone:	none
Assignee:	Samba Bugzilla Account
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-04-04 05:10 UTC by Stefano Zanarini
Modified:	2007-04-04 05:10 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefano Zanarini 2007-04-04 05:10:20 UTC

+++ This bug was initially created as a clone of Bug #1914 +++

> due to it's current implementation (and pstring limitation), ldapsam does not
> handle more then 15 password history entries. (tdbsam and NT do). 

> Any "password history"-account policy larger then 15 is silently reduced to 15.

still same problem in 3.0.23a.
All ok if "password history" is less of 15 ,if grater the ldap attribute is deleted and only the last password is inserted (followed by "\0" ).

The size of attribute sambaPasswordHistory (hash + salt + 0s) is alwais 896 chars,in which only 14 passwords can remain :

32 byte of hash + 32 byte of salt * 14  

any ideas ?