f13039b Ticket 49950 - PassSync not setting pwdLastSet attribute in Active Directory after Pw update from LDAP sync for normal user

Authored and Committed by mreynolds 5 years ago
    Ticket 49950 -  PassSync not setting pwdLastSet attribute in Active Directory after Pw update from LDAP sync for normal user
    
    Bug Description:
    
    If a user's password was reset by an "Admin" or directory manager, the
    password policy requires a user must change their password after it's
    been "reset", and the user then resets their password in DS, this
    information was not sent to AD.  Then if the user logged in AD after
    resetting their password in DS they still get forced to change their
    password again in AD.
    
    Fix Description:
    
    When sending a password update to AD, and AD is enforcing password must
    be reset, check if the user did reset their password.  If so, set the
    correct "pwdLastSet" value to prevent AD from forcing that user to
    change their password again.
    
    But this only works going from DS to AD.  The information needed to make
    it work from AD -> DS is not available to passSync, and if it was available
    it could not be correctly sent to DS anyway (not without a major redesign).
    
    Side Note:
    
    Also moved and consolidated the function "fetch_attr" to util.c.  It
    was reused and redefined in many plugins.  So I added the definition
    to slapi-plugin.h and removed the duplicate definitions.
    
    https://pagure.io/389-ds-base/issue/49950
    
    Reviewed by: tbordaz(Thanks!)
    
    (cherry picked from commit d9437be2e60fdbd6a5f1364f5887e1a3c89cda68)
    (cherry picked from commit ac500d378aa22d5e818b110074ac9cd3e421e38d)
    
        
file modified
+0 -17
file modified
+17 -0