change_password() doesn't work with dcerpc_samr_ChangePasswordUser4(). We need to pass down the salt to use the one we already use of PBKDF2! Patch will follow!
This bug was referenced in samba master: e3ebda8c6ae6e0c202e2b11a65b98b4f247ae4db 16335412ff312ecb330f7890bd3e94117a5fa6ff 30ca92a8164e1c3a76cdb798ee997d27621a5abb
Created attachment 17602 [details] patch for 4.17
Comment on attachment 17602 [details] patch for 4.17 lgtm
assign to Jule for inclusion in next 4.17
Pushed to autobuild-v4-17-test.
This bug was referenced in samba v4-17-test: c59f9c33192d7ca985023db5bdfe6c3939458f75 d26e2da30c08658bb3cf3643ac9b906239351c09 c57b3d3751df90c945c96467a897416c892b8bf6
Closing out bug report. Thanks!
I'm currently running some tests with current v4-17-test. The tests detected an unexpectet NT_STATUS_OK when changing a password, while NT_STATUS_PASSWORD_RESTRICTION is expected. This seems be related to this bug. With v4-17-stable: ERROR: Failed to change password : (-1073741716, "samr_ChangePasswordUser3 for '\\\\DC6.TEMP.TEST\\temp1' failed: NT_STATUS_PASSWORD_RESTRICTION") With v4-17-stable + patch, attached to this bug report: ERROR: Failed to change password : (-1073741716, "samr_ChangePasswordUser4 for '\\\\DC6.TEMP.TEST\\temp1' failed: NT_STATUS_OK") This happens on systems with newer gnutls, e.g. 3.7.7. On systems with older gnutls, e.g. 3.6.16) I still get NT_STATUS_PASSWORD_RESTRICTION. Is this a regression?
This bug was referenced in samba master: 53d558365161be1793dad78ebcce877c732f2419 eb5df255faea7326a7b85c1e7ce5a66119a27c3a
Created attachment 17700 [details] additional patches for 4.17 Relates to issue described in Comment 8
This bug was referenced in samba v4-17-test: 77fb5b4762198d7fa1727b6e0b35cb172de1d627 1c7d60ee090155e0222284e937dd553d1eccc929
This bug was referenced in samba v4-17-stable (Release samba-4.17.4): c59f9c33192d7ca985023db5bdfe6c3939458f75 d26e2da30c08658bb3cf3643ac9b906239351c09 c57b3d3751df90c945c96467a897416c892b8bf6 77fb5b4762198d7fa1727b6e0b35cb172de1d627 1c7d60ee090155e0222284e937dd553d1eccc929