Bug 4915 - Samba writes platform dependent TIME_T_MAX value to LDAP instead of the default value
Summary: Samba writes platform dependent TIME_T_MAX value to LDAP instead of the defau...
Status: RESOLVED INVALID
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Client Tools (show other bugs)
Version: 3.0.25
Hardware: Other Linux
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-08-23 04:11 UTC by Andreas Schneider
Modified: 2007-08-23 04:39 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Schneider 2007-08-23 04:11:18 UTC
Samba wants to save the platform dependent TIME_T_MAX value to LDAP for smbPwdMustChange. See the following part of the smbpasswd log:

ldapsam_add_sam_account: Adding new user
smbldap_make_mod: adding attribute |uid| value |test45$|
init_ldap_from_sam: Setting entry for user: test45$
smbldap_make_mod: adding attribute |sambaSID| value |S-1-5-21-4140701038-2269038077-3996389896-3044|
smbldap_make_mod: adding attribute |sambaPwdCanChange| value |1187772230|
smbldap_make_mod: adding attribute |sambaPwdMustChange| value |9223372036854775807|
smbldap_make_mod: adding attribute |sambaLMPassword| value |553AB9EB088B21E3AAD3B435B51404EE|
smbldap_make_mod: adding attribute |sambaNTPassword| value |BD02F79F679307DBA1C90A97BB3B12B4|
smbldap_make_mod: adding attribute |sambaPwdLastSet| value |1187772230|
smbldap_make_mod: adding attribute |sambaAcctFlags| value |[W          ]|
smbldap_add: dn => [uid=test45$,o=users]

From lib/account_pol.c:

{AP_MAX_PASSWORD_AGE, "maximum password age", (uint32) -1,
"Maximum password age, in seconds (default: -1 => never expire passwords)",ยท
"sambaMaxPwdAge" },

So the default value should be -1, but we try to save 9223372036854775807 on a 64bit client as the default. This is the TIME_T_MAX value defined in lib/time.c.

A patch will follow.
Comment 1 Andreas Schneider 2007-08-23 04:39:29 UTC
Sorry, the bug exists is only on 3.0.24.