dsdb: Add comment showing where the normal password rules are applied

This looks like a footnote, but is actually where the default password rules are applied.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 7a12c71799bef0146c0906785d4e6d7a273146d7..d70419dc159be70b9cca8afc8760fa539a1d6a94 100644 (file)
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -2111,6 +2111,11 @@ enum samr_ValidationStatus samdb_check_password(TALLOC_CTX *mem_ctx,
 
        TALLOC_FREE(password_script);
 
+       /*
+        * Here are the standard AD password quality rules, which we
+        * run after the script.
+        */
+
        if (!check_password_quality(utf8_pw)) {
                return SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
        }