Full_Name: Mark A. Ziesemer Version: 2.4.21 / HEAD OS: Ubuntu Linux URL: ftp://ftp.openldap.org/incoming/smbk5pwd-shadow-b.patch Submission from: (NULL) (2001:470:1f11:3ae:dc54:73ba:be16:148)
Using the PasswordModify Extended Operation (exop) along with the smbk5pwd slapd overlay provides several benefits, but does not currently include the shadowLastChange attribute of the shadowAccount class. This means the shadowLastChange is missed from update, unless specially done along with a PasswordModify.
This patch adds support for updating shadowLastChange into the smbk5pwd overlay for slapd.
An added benefit is that once the updated overlay is in effect, write access to the shadowLastChange attribute can optionally be restricted by configuration, preventing users from updating shadowLastChange without actually updating their password.
The SHA-1 hash of the provided patch (smbk5pwd-shadow-b.patch) is c29ff518ea4fe03a4c5ee87d07a3af0082256950 . (Please discard "smbk5pwd-shadow.patch".)
Patch was generated against HEAD just now, but also applies cleanly to 2.4.21.
I am currently using the patched overlay in my current environment without noticeable issue. However, C is not current primary language, so please give appropriate attention to review.
This patch file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch were developed by Mark A. Ziesemer online@mark.ziesemer.com. I have not assigned rights and/or interest in this work to any party.
I, Mark A. Ziesemer, hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.