[cifs-protocol] [EXTERNAL] S4U2Self and RODC - TrackingID#2203240040008827
Andreas Schneider
asn at samba.org
Wed Apr 20 09:02:29 UTC 2022
On Friday, April 8, 2022 6:12:44 PM CEST Jeff McCashland (He/him) wrote:
> Hi Andreas,
>
> I was able to track down the error and get an explanation. The request is
> failing because RODC PAC data isn't trusted for authorization as it may be
> stale. The only thing meaningful you can do with an RODC account on a full
> DC is exchange the RODC TGT for a 'real' TGT.
>
> Please let us know if you have any further questions on this issue.
That helped a lot, thank you very much!
--
Andreas Schneider asn at samba.org
Samba Team www.samba.org
GPG-ID: 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
More information about the cifs-protocol
mailing list