From: Howard Chu Date: Fri, 2 Sep 2005 20:38:05 +0000 (+0000) Subject: per LDAPext discussion, delete pwdAccountLockedTime on password change X-Git-Tag: OPENLDAP_REL_ENG_2_2_MP~499 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=f4637d60c2937aded7c6e9098cc4e408054777e1;p=openldap per LDAPext discussion, delete pwdAccountLockedTime on password change --- diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c index cc5cb9d409..03a19697f3 100644 --- a/servers/slapd/overlays/ppolicy.c +++ b/servers/slapd/overlays/ppolicy.c @@ -119,7 +119,12 @@ static struct schema_info { "EQUALITY generalizedTimeMatch " "ORDERING generalizedTimeOrderingMatch " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 " - "SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )", + "SINGLE-VALUE " +#if 0 + /* Not until MANAGEDIT control is released */ + "NO-USER-MODIFICATION " +#endif + "USAGE directoryOperation )", &ad_pwdAccountLockedTime }, { "( 1.3.6.1.4.1.42.2.27.8.1.19 " "NAME ( 'pwdFailureTime' ) " @@ -1489,6 +1494,19 @@ do_modify: modtail = mods; } + if (attr_find(e->e_attrs, ad_pwdAccountLockedTime )) { + mods = (Modifications *) ch_malloc( sizeof( Modifications ) ); + mods->sml_op = LDAP_MOD_DELETE; + mods->sml_flags = SLAP_MOD_INTERNAL; + mods->sml_type.bv_val = NULL; + mods->sml_desc = ad_pwdAccountLockedTime; + mods->sml_values = NULL; + mods->sml_nvalues = NULL; + mods->sml_next = NULL; + modtail->sml_next = mods; + modtail = mods; + } + /* Delete the pwdReset attribute, since it's being reset */ if ((zapReset) && (attr_find(e->e_attrs, ad_pwdReset ))) { mods = (Modifications *) ch_malloc( sizeof( Modifications ) );