[ltb-dev] [LDAP Tool Box - Bug #856] (New) Handle LDAP bind extended error format incompatibility with Samba4
noreply at lsc-project.org
noreply at lsc-project.org
Sat Apr 16 16:20:19 CEST 2016
Issue #856 has been reported by Yuri Bugelli.
----------------------------------------
Bug #856: Handle LDAP bind extended error format incompatibility with Samba4
http://tools.lsc-project.org/issues/856
Author: Yuri Bugelli
Status: New
Priority: Normal
Assigned to:
Category: Self Service Password
Target version:
This one is not strictly a LTB bug, but it seems we can't handle a Samba4 AD because of the wrong extended data samba returns when LTB is binding with user credentials.
For example, when a user must change the password at next logon, Windows AD returns something like:
*additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 773, v1db1*
where 773 is the code for "user must change the password"
while samba4 return this:
*additional info: Simple Bind Failed: NT_STATUS_PASSWORD_MUST_CHANGE*
the same thing for the code *532*, where Samba4 return *NT_STATUS_ACCOUNT_EXPIRED*
This breaks the change.php file functionality
I'm sending you my patch to solve this problem, at least until samba developers won't resolve the bug (n. 9048 on their bug tracker)
--
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20160416/98821d76/attachment.htm>
More information about the ltb-dev
mailing list