[cifs-protocol] [EXTERNAL] S4U2Self and RODC - TrackingID#2203240040008827

Andreas Schneider asn at samba.org
Wed Apr 20 09:02:29 UTC 2022

On Friday, April 8, 2022 6:12:44 PM CEST Jeff McCashland (He/him) wrote:
> Hi Andreas,
> I was able to track down the error and get an explanation. The request is
> failing because RODC PAC data isn't trusted for authorization as it may be
> stale. The only thing meaningful you can do with an RODC account on a full
> DC is exchange the RODC TGT for a 'real' TGT.
> Please let us know if you have any further questions on this issue.

That helped a lot, thank you very much!

Andreas Schneider                      asn at samba.org
Samba Team                             www.samba.org
GPG-ID:     8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D

More information about the cifs-protocol mailing list