Samba Password Aging with NT Workstation 4.0 SP4 or SP5?

Alexander Remesch AR at
Tue Nov 2 17:07:41 GMT 1999

Thanks to the help of some people on this list I managed to add a few
lines to the rpc_server/srv_netlog.c file to implement password aging
for NT SP3. I did the following: get the aging info out of /etc/shadow
with getspnam() and then, if the password has expired, set the
NT_STATUS_PASSWORD_EXPIRED flag on return of api_net_sam_logon().

This works fine for NT workstations up to SP3. But MS feeled like
changing some of the behaviour of NT in SP4, so NT workstations SP4 and
above fail to change their passwords when expired with the error
message: "The password for this account cannot be changed (C00000BE).
Please contact your system administrator". If you do change your
password normally (Ctrl-Alt-Del) in SP4 and above it will work. The
problem is only with the expiration.

Can anyone help?

Alexander Remesch

More information about the samba-ntdom mailing list