s4:dsdb/password_hash: handle the DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET control

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 946ab34a785130973e228c722cc8b97f8587c187..af7ed551c513efdb4f12ba519adca238b8d772f4 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -101,6 +101,7 @@ struct ph_context {
        bool update_password;
        bool update_lastset;
        bool pwd_last_set_bypass;
+       bool pwd_last_set_default;
 };
 
 
@@ -2851,6 +2852,16 @@ static void ph_apply_controls(struct ph_context *ac)
                /* Mark the "bypass pwdLastSet" control as uncritical (done) */
                ctrl->critical = false;
        }
+
+       ac->pwd_last_set_default = false;
+       ctrl = ldb_request_get_control(ac->req,
+                               DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID);
+       if (ctrl != NULL) {
+               ac->pwd_last_set_default = true;
+
+               /* Mark the "bypass pwdLastSet" control as uncritical (done) */
+               ctrl->critical = false;
+       }
 }
 
 static int ph_op_callback(struct ldb_request *req, struct ldb_reply *ares)