[Samba] samba-4.2.0 join samba3 PDC

Francesco Malvezzi francesco.malvezzi at unimore.it
Tue Apr 14 00:41:15 MDT 2015

hi all,

my working samba-4.1.7 member of a samba3 domain (samba-3.5.3) failed
while updating to samba-4.2.0. Users were no longer able to access
shares because the trust account was broken.

According to release notes (Winbindd/Netlogon improvements):

For the client side we have the following new options:
"require strong key" (yes by default), "reject md5 servers" (no by default).
E.g. for Samba 3.0.37 you need "require strong key = no" and
for NT4 DCs you need "require strong key = no" and "client NTLMv2 auth =

so in samba-4.2.0 member's smb.conf I put:

 require strong key = no
 client NTLMv2 auth = no

but yet trust account wasn't able to authenticate on domain PDC.

Which are the correct switches to allow a samba-4.2.0 member to join a
samba3 PDC?

thank you,


More information about the samba mailing list