[PATCH] s4:rpc_server/netlogon: Fix for NetApp

Arvid Requate requate at univention.de
Thu Mar 19 13:38:09 MDT 2015


the attached patch fixes an issue where a NetApp filer joined to a Samba/ADDC 
cannot resolve SIDs. Without this patch the issue can only be avoided by 
setting "allow nt4 crypto = yes" in smb.conf.

Details are described in the git commit message.

Additional logs of the issue can be found at the original bug report 

Metzes git commit 321ebc99b5a00f82265aee741a48aa84b214d6e8 introduced a 
workaround for a different but related issue. This patch makes a minor 
adjustment to that commit to delay flushing the cached challenge until it's 
clear that we are not in a NT_STATUS_DOWNGRADE_DETECTED situation.

Please review and comment if this patch needs adjustment, e.g. for security 


Arvid Requate
Open Source Software Engineer

Univention GmbH
be open.
28359 Bremen
Tel. : +49 421 22232-52
Fax : +49 421 22232-99

requate at univention.de

Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s4-rpc_server-netlogon-Fix-for-NetApp.patch
Type: text/x-patch
Size: 2876 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150319/7e72e012/attachment.bin>

More information about the samba-technical mailing list