Remove password reset when the user can not change the password

core/templates/login.php

@@ -56,11 +56,15 @@ script('core', [
 			<input type="submit" id="submit" class="login primary icon-confirm svg" title="<?php p($l->t('Log in')); ?>" value="" disabled="disabled"/>
 		</p>
 
-		<?php if (isset($_['invalidpassword']) && ($_['invalidpassword'])): ?>
+		<?php if (!empty($_['invalidpassword']) && !empty($_['canResetPassword'])) { ?>
 		<a id="lost-password" class="warning" href="">
 			<?php p($l->t('Wrong password. Reset it?')); ?>
 		</a>
-		<?php endif; ?>
+		<?php } else if (!empty($_['invalidpassword'])) { ?>
+			<p class="warning">
+				<?php p($l->t('Wrong password.')); ?>
+			</p>
+		<?php } ?>
 		<?php if ($_['rememberLoginAllowed'] === true) : ?>
 		<div class="remember-login-container">
 			<input type="checkbox" name="remember_login" value="1" id="remember_login" class="checkbox checkbox--white">

lib/private/util.php

@@ -947,6 +947,12 @@ class OC_Util {
 			$parameters['redirect_url'] = $_REQUEST['redirect_url'];
 		}
 
+		$parameters['canResetPassword'] = true;
+		$user = \OC::$server->getUserManager()->get($_REQUEST['user']);
+		if ($user instanceof IUser) {
+			$parameters['canResetPassword'] = $user->canChangePassword();
+		}
+
 		$parameters['alt_login'] = OC_App::getAlternativeLogIns();
 		$parameters['rememberLoginAllowed'] = self::rememberLoginAllowed();
 		\OC_Hook::emit('OC_Util', 'pre_displayLoginPage', array('parameters' => $parameters));