samba - May 2003 - Disabling win client from changing their password.

I have set up samba with the user information stored in an LDAP directory.
The directory has both posixaccount and sambaaccount objectclasses. I have
created a webpage written php that allows users to change their password
that updates the crypt hash and the lm and nt hashes all at the same time.
The problem is that windows clients can change thier password using the
change password functionality in windows and it updates their lm and nt
hashes only. I am not interested in syncing the passwords with the unix
password and since I have the webpage that updates everything at once, I
just want to be able to disable windows clients from changing their password
through windows. Does anyone know how I can accomplish this? Please e-mail
me if you have any information. Thanks,

-Patrick Birke

patrick.birke@target.com