22.214.171.124.6 Calling NetrServerPasswordSet
The client MUST do the following:
Pass the encrypted new password:
Pass a valid client Netlogon authenticator as the Authenticator parameter.
After the method returns, the client MUST verify the ReturnAuthenticator as described in section 126.96.36.199.
On receiving STATUS_ACCESS_DENIED, the client SHOULD<119> re-establish the secure channel with the domain controller.