SMB (Samba) cannot authenticate users after change diradmin pw

Regulations require changing passwords periodically. Don't get be started on how brain dead that is, but you can't fight city hall.

If you change the diradmin password, your Windows users connecting via SMB can no longer authenticate. Apparently the problem is that the hash used by Samba to authenticate as diradmin so that it can authenticate the user and password fails. I can find nothing about how to update this hash.

Then Samba helpfully returns the same error result as if the user / password pair had been wrong.

This problem appears to have been around a while. Has there been any progress?

Can I report it as a bug somewhere, because it is after all required by law to be able to do this, or you can't use Mac OS X in many types of environment.