The windows DPAPI fails after repeated user password change on Windows 7.
According to this bug report for UCS:
It is caused by the RSA modulus not being set to 2048 bits.
Samba developer Andrew Bartlett commented on the samba mailing list here:
That a patch would require a reviewer and testing to ensure against regressions.
This bug has been created to track when mainline samba implements a fix.
The patches have been tidied up and are proposed for master and 4.2 in bug #11097
*** This bug has been marked as a duplicate of bug 11097 ***