When trying a password change on a member server through a RODC, the local secrets.tdb file is changed while the password change on the RWDC through the RODC has not been applied. However, the local secrets.tdb file has been updated. So the machine is effectively out of the domain.

This bug is shown in a RODC scenario, but it is probably more general, that is, there is some code path that does not fail early when the password change fails.

In the case of the Samba RODC scenario, a Windows member computer password change also fails, but it does not update its local password, so it does not lose its attachment to the domain.

How to reproduce:
- join a Samba member server SRVFILE to the domain
- restrict SRVFILE network access to only the RODC
- preload the credentials of SRVFILE on the RODC
- on SRVFILE, run wbinfo -t, it works properly
- on SRVFILE, run wbinfo -c, it fails
- on SRVFILE, run wbinfo -t, it fails

The secrets.tdb file on SRVFILE has been updated with a new password, but the password change on the RWDC has not been updated.
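The wbinfo sequence from the reproduction steps above, wrapped as a check that reports whether a failed change left the member server unable to verify its trust. This is an added example, not part of the original report and not Samba code; the default secrets.tdb path and the verdict names are assumptions.

```shell
#!/bin/sh
# Added example, not Samba code. Run as root on the member server.
# Assumptions: the secrets.tdb path below (override it for your build) and
# the verdict names printed by classify_password_change.
WBINFO=${WBINFO:-wbinfo}
SECRETS_TDB=${SECRETS_TDB:-/var/lib/samba/private/secrets.tdb}

# Checksum used only to notice that the file content changed.
tdb_digest() {
    cksum < "$SECRETS_TDB"
}

# Runs wbinfo -t, wbinfo -c, wbinfo -t and prints "<verdict> secrets=<state>".
# Returns 0 when the trust still verifies afterwards, 1 when it is broken,
# 2 when the trust check already failed before the change attempt.
classify_password_change() {
    "$WBINFO" -t >/dev/null 2>&1 || { echo "not-joined secrets=unchecked"; return 2; }
    before=$(tdb_digest)
    if "$WBINFO" -c >/dev/null 2>&1; then change=ok; else change=failed; fi
    after=$(tdb_digest)
    if [ "$before" = "$after" ]; then state=unchanged; else state=modified; fi
    # The second wbinfo -t is the verdict; a modified file alone is only a hint.
    if "$WBINFO" -t >/dev/null 2>&1; then
        if [ "$change" = ok ]; then verdict=changed-ok; else verdict=failed-clean; fi
        rc=0
    else
        if [ "$change" = ok ]; then verdict=changed-but-broken; else verdict=failed-desync; fi
        rc=1
    fi
    echo "$verdict secrets=$state"
    return "$rc"
}

if [ "${1:-}" = "--run" ]; then
    classify_password_change
    exit $?
fi
```

Run it with `--run`; `failed-desync secrets=modified` is the state described in the report, while `failed-clean` corresponds to the Windows member behaviour.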
The patches for bug #12782 will also fix the "unjoin" of this bug.

Garming: does your commit here: http://git.catalyst.net.nz/gw?p=samba.git;a=commitdiff;h=108aaae12bdcf9d1ac377618c6ab016e7dedb854 already work around the problem? So that we don't even try to change the password against an RODC?

Or is the RODC required to forward the change and we only have a problem with Samba-based RODCs?
(In reply to Stefan Metzmacher from comment #1)

All the other changes I made did not manage to prevent the password change attempt. It should forward the change as far as I know, so it is an issue with Samba RODC. At least with the unjoin prevented, everything will generally work, but it shows that cli_credentials need to be pushed out further so that everything else can simply use the old password.