This bug was referenced in samba master:

e3ebda8c6ae6e0c202e2b11a65b98b4f247ae4db
16335412ff312ecb330f7890bd3e94117a5fa6ff
30ca92a8164e1c3a76cdb798ee997d27621a5abb

Created attachment 17602 [details]
patch for 4.17

Comment on attachment 17602 [details]
patch for 4.17

lgtm

assign to Jule for inclusion in next 4.17

Pushed to autobuild-v4-17-test.

This bug was referenced in samba v4-17-test:

c59f9c33192d7ca985023db5bdfe6c3939458f75
d26e2da30c08658bb3cf3643ac9b906239351c09
c57b3d3751df90c945c96467a897416c892b8bf6

Closing out bug report.

Thanks!

I'm currently running some tests with current v4-17-test. The tests detected an unexpectet NT_STATUS_OK when changing a password, while NT_STATUS_PASSWORD_RESTRICTION is expected. This seems be related to this bug.

With v4-17-stable:
ERROR: Failed to change password : (-1073741716, "samr_ChangePasswordUser3 for '\\\\DC6.TEMP.TEST\\temp1' failed: NT_STATUS_PASSWORD_RESTRICTION")

With v4-17-stable + patch, attached to this bug report:
ERROR: Failed to change password : (-1073741716, "samr_ChangePasswordUser4 for '\\\\DC6.TEMP.TEST\\temp1' failed: NT_STATUS_OK")

This happens on systems with newer gnutls, e.g. 3.7.7. On systems with older gnutls, e.g. 3.6.16) I still get NT_STATUS_PASSWORD_RESTRICTION.

Is this a regression?

This bug was referenced in samba master:

53d558365161be1793dad78ebcce877c732f2419
eb5df255faea7326a7b85c1e7ce5a66119a27c3a

Created attachment 17700 [details]
additional patches for 4.17

Relates to issue described in Comment 8

This bug was referenced in samba v4-17-test:

77fb5b4762198d7fa1727b6e0b35cb172de1d627
1c7d60ee090155e0222284e937dd553d1eccc929

This bug was referenced in samba v4-17-stable (Release samba-4.17.4):

c59f9c33192d7ca985023db5bdfe6c3939458f75
d26e2da30c08658bb3cf3643ac9b906239351c09
c57b3d3751df90c945c96467a897416c892b8bf6
77fb5b4762198d7fa1727b6e0b35cb172de1d627
1c7d60ee090155e0222284e937dd553d1eccc929