3.1.5.6.4.6 UserInternal8Information

The server MUST process the message subject to the following constraints:

1. All updates MUST be done in the same transaction.

2. The server MUST satisfy the constraints listed in section 3.1.5.6.4.2.

3. If the section 2.2.1.8 USER_ALL_NTPASSWORDPRESENT or USER_ALL_LMPASSWORDPRESENT flag is present in the WhichFields field, the server MUST update the clearTextPassword attribute with the (decrypted) value of SAMPR_USER_INTERNAL8_INFORMATION.UserPassword presented by the client in the format of SAMPR_ENCRYPTED_PASSWORD_AES (section 2.2.6.32), while using as the decryption key the 16-byte SMB session key obtained as specified in section 3.1.2.4 and the AES Cipher as specified in section 3.2.2.4.

4. The value of UserPassword.PBKDFIterations, as specified in SAMPR_ENCRYPTED_PASSWORD_AES (section 2.2.6.32), is ignored by the server.