Volker Lendecke wrote: > On Mon, Apr 07, 2008 at 02:03:32PM -0400, Ryan Steele wrote: > >> #if defined(LDAP_CONSTRAINT_VIOLATION) >> if (rc == LDAP_CONSTRAINT_VIOLATION) >> return NT_STATUS_PASSWORD_RESTRICTION; >> #endif >> >> ...to pdb_ldap.c didn't seem to change the behavior at all. I suspect >> it's because LDAP_CONSTRAINT_VIOLATION isn't defined anywhere in my >> 3.0.24 source, though I could certainly be wrong. I'm grabbing the >> latest source from git to see where that's defined, but if anybody wants >> to head me off at the pass with the information, it's certainly welcome. >> > > If your LDAP libs don't have that define, you might try to > use the value from OpenLDAP: > > #define LDAP_CONSTRAINT_VIOLATION 0x13 > > Volker >
It's not defined in my Samba source, but I guess that was the wrong place to look. On my system, /usr/include/ldap.h does in fact have that defined. However, Samba still returns NT_STATUS_UNSUCCESSFUL, and Windows still reports that the password couldn't be changed because the domain was unavailable... have I zigged where I should've zagged, or is Samba not setting rc properly when it gets the response from LDAP? Thanks, Ryan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba