Bug 5555 - net join for a Samba PDC doesn't set the 'password last set' field.
Summary: net join for a Samba PDC doesn't set the 'password last set' field.
Alias: None
Product: Samba 3.2
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: 3.2.0
Hardware: Other Linux
: P3 regression
Target Milestone: ---
Assignee: Guenther Deschner
QA Contact: Samba QA Contact
Depends on:
Reported: 2008-06-20 20:19 UTC by Jeremy Allison
Modified: 2008-06-24 18:39 UTC (History)
0 users

See Also:

Patch (540 bytes, patch)
2008-06-20 20:31 UTC, Jeremy Allison
no flags Details
Correct patch (777 bytes, patch)
2008-06-24 18:38 UTC, Jeremy Allison
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Allison 2008-06-20 20:19:45 UTC
Guenther - the net_rpc_join.c code uses a level 24 to set the password when we are joining a Samba PDC. Inside smbd we don't update the password last set field from zero on level 24, only level 25. Thus the password last set is left at zero on a join and subsequent auth attempts on the machine account fail with a NT_STATUS_PASSWORD_MUST_CHANGE error.

I've reproduced this on 3.0.x but I think the same code is in 3.2 and this is a blocker bug for 3.2.0.

Comment 1 Jeremy Allison 2008-06-20 20:31:26 UTC
Created attachment 3356 [details]

Proposed patch ? I don't have your test matrix so I don't know if this is correct, but it seems to fix the problem for me.
Comment 2 Jeremy Allison 2008-06-24 18:38:41 UTC
Created attachment 3368 [details]
Correct patch
Comment 3 Jeremy Allison 2008-06-24 18:39:05 UTC
Fixed with supplied patch.