[Samba] Old samba password is valid after setting the new one.

[Dipl.-Ing. Péter Varkoly]

Hi,

I've detected a very strange behavior on samba 4.8.9 and 4.10.6.
After setting a new password for a user with samba-tool the old
password remains valid. The user can use both passwords.
After setting the third password become the first password invalid:

:~ # samba-tool user setpassword extisadm --newpassword=12AbCdEf
Changed password OK
:~ # samba-tool user setpassword extisadm --newpassword=12AbCdEG
Changed password OK
:~ # smbclient -L admin -U extisadm%12AbCdEf

        Sharename       Type      Comment
        ---------       ----      -------
        sysvol          Disk      
        groups          Disk      Shared directories of groups .....
        users           Disk      All users
        all             Disk      Folder for all
        alladmins       Disk      Folder for administration personal
        software        Disk      Folder for software
:~ # samba-tool user setpassword extisadm --newpassword=12AbCdEC
:~ # smbclient -L admin -U extisadm%12AbCdEf
session setup failed: NT_STATUS_LOGON_FAILURE

Is it a bug or a feature?

-- 
Dipl.-Ing. Péter Varkoly
Greuleinweg 37.
D-90411 Nürnberg