A user which got a valid (and working) ticket for a S3 server (cifs/servename@REALM) before its password change get access denied once the sever changed its password. How to repeat: kinit user klist -e (to check that the user has only a ticket from the DC) smbclient \\\\server\\ipc\c$ -k (this is working) net changetrustpw smbclient \\\\server\\ipc\c$ -k (this is not working: NT_STATUS_LOGON_FAILURE) This behavior occurs with s4 as a DC and w2k8
Sorry for picking this up late ... gonna look into this soon!
*** This bug has been marked as a duplicate of bug 7099 ***