+static void log_password_change_event(struct imessaging_context *msg_ctx,
+ struct loadparm_context *lp_ctx,
+ const struct tsocket_address *remote_client_address,
+ const struct tsocket_address *local_server_address,
+ const char *auth_description,
+ const char *password_type,
+ const char *original_client_name,
+ const char *account_name_from_db,
+ NTSTATUS status,
+ struct dom_sid *sid)
+{
+ /*
+ * Forcing this via the NTLM auth structure is not ideal, but
+ * it is the most practical option right now, and ensures the
+ * logs are consistent, even if some elements are always NULL.
+ */
+ struct auth_usersupplied_info ui = {
+ .mapped_state = true,
+ .was_mapped = true,
+ .client = {
+ .account_name = original_client_name,
+ .domain_name = lpcfg_sam_name(lp_ctx),
+ },
+ .mapped = {
+ .account_name = account_name_from_db,
+ .domain_name = lpcfg_sam_name(lp_ctx),
+ },
+ .remote_host = remote_client_address,
+ .local_host = local_server_address,
+ .service_description = "SAMR Password Change",
+ .auth_description = auth_description,
+ .password_type = password_type,
+ };
+
+ log_authentication_event(msg_ctx,
+ lp_ctx,
+ &ui,
+ status,
+ ui.mapped.domain_name,
+ ui.mapped.account_name,
+ NULL,
+ sid);
+}