Samba wants to save the platform dependent TIME_T_MAX value to LDAP for smbPwdMustChange. See the following part of the smbpasswd log: ldapsam_add_sam_account: Adding new user smbldap_make_mod: adding attribute |uid| value |test45$| init_ldap_from_sam: Setting entry for user: test45$ smbldap_make_mod: adding attribute |sambaSID| value |S-1-5-21-4140701038-2269038077-3996389896-3044| smbldap_make_mod: adding attribute |sambaPwdCanChange| value |1187772230| smbldap_make_mod: adding attribute |sambaPwdMustChange| value |9223372036854775807| smbldap_make_mod: adding attribute |sambaLMPassword| value |553AB9EB088B21E3AAD3B435B51404EE| smbldap_make_mod: adding attribute |sambaNTPassword| value |BD02F79F679307DBA1C90A97BB3B12B4| smbldap_make_mod: adding attribute |sambaPwdLastSet| value |1187772230| smbldap_make_mod: adding attribute |sambaAcctFlags| value |[W ]| smbldap_add: dn => [uid=test45$,o=users] From lib/account_pol.c: {AP_MAX_PASSWORD_AGE, "maximum password age", (uint32) -1, "Maximum password age, in seconds (default: -1 => never expire passwords)",ยท "sambaMaxPwdAge" }, So the default value should be -1, but we try to save 9223372036854775807 on a 64bit client as the default. This is the TIME_T_MAX value defined in lib/time.c. A patch will follow.
Sorry, the bug exists is only on 3.0.24.