I have analysed the logs which Checkpoint helped to obtain from the Mobile Access blade, it seems that the primary error code is the same from Microsoft AD and Samba4 but the additional error code is different which is causing the issue resetting the users password.
[19 Jun 18:03:27][CPLDAPCL] server = hostnameremoved, SDK Response
[19 Jun 17:36:10][CPLDAPCL] server = hostnameremoved, SDK Response
I have also now been able to find some more information by searching the error codes.
confluence.atlassian.com/displa ... or+Code+49
Is there anything we can do to change this behavior?