r24611: Following up on the re-opening of bug 4817 is it pretty clear that

machine accounts are not subject to password policy in Win2k3 R2 (at
least in terms of password quality).

In testing this, I found that Win2k3 R2 has changed the way the old
ChangePassword RPC call is handled - the 'cross-checks' between new LM
and NT passwords are not required.

Andrew Bartlett
(This used to be commit 417ea885b41cc097a0bb3a10ffbffb31f234f25d)

1 files changed, 0 insertions, 2 deletions

diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 5a2fd7a07f..2198dc5ebc 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -312,7 +312,6 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet(struct dcesrv_call_state *dce_call
 					   NULL, /* Don't have plaintext */
 					   NULL, &r->in.new_password,
 					   False, /* This is not considered a password change */
-					   False, /* don't restrict this password change (match w2k3) */
 					   NULL, NULL);
 	return nt_status;
 }
@@ -360,7 +359,6 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
 					   new_pass, /* we have plaintext */
 					   NULL, NULL,
 					   False, /* This is not considered a password change */
-					   False, /* don't restrict this password change (match w2k3) */
 					   NULL, NULL);
 	return nt_status;
 }