VERY IMPORTANT NOTE:
If not compiled with -DREPLACE_GETPASS, only the first 8 characters of the password will be used. 

THIS IS A SECURITY RISK. 

If a password is 8 characters or less, the NT and LANMAN hashes will put the password in CLEAR TEXT into the generated string. As NetInfo is readable by all, this will allow anybody to extract the passwords!

Make sure you use -DREPLACE_GETPASS and force (samba) passwords to be longer than 8 characters.

If security means something to you and your users aren't willing to use (NT) passwords with more than eight characters, then store your samba passwords in a file and make sure that only root can access it! The search algorithm will check the file if no samba passwords are found in NetInfo.

OR 

You can add your own encryption/decryption for the storing/retrieving of Samba passwords to/from NetInfo. See netinfo/ni_crypt.c. (The crypting contents of the routines has been rmoved!)