Environment is: Samba DC running samba3 branch from svn. Windows NT 4 sp6 DC is trusted by Samba DC. Win2k member of Samba DC. When you log into win2k member as an expired account on the NT 4 domain Samba responds in the netlogon RPC with STATUS_NO_LOGON_SERVERS. The code that does this is in: auth/auth_winbind.c:check_winbind_security(). We only fill in the info3 structure when the return from winbindd_request_response is NSS_STATUS_SUCCESS. I think this structure needs filled in for the case of a failed auth with a user with an expired password from the trusted domain.
I did some traces of the same situation in a Windows only environment and found that the info3 structure is not filled in for this case, only the return code is different, STATUS_PASSWORD_EXPIRED instead of STATUS_NO_LOGON_SERVERS.
fixed by vl in revision 9709.