[Samba] samba 4.2 RDP problem
abartlet at samba.org
Tue Apr 14 18:28:16 MDT 2015
On Tue, 2015-04-14 at 16:35 +0200, Heinz Hölzl wrote:
> now i did some tests with the "auth methods" option.
> "auth methods = sam, sam_ignoredomain, unix, winbind, wbc, trustdomain, ntdomain, guest"
> -> RDP works
> -> smbclient -k does not work
> "auth methods = sam, sam_ignoredomain, unix, winbind, wbc, trustdomain, ntdomain, guest, samba4"
> -> RDP hangs an the welcome-scrren
> -> smbclient -k works fine
> it seems there ist some problem with the "auth methods = samba4"
Thanks for looking into this. In general, please don't change 'auth
methods', as it is the auth methods override that changes the behaviour
of the authentication stack, both for NTLM and for Kerberos, to match
what is needed for the AD DC.
Without it, we look in the wrong place when trying to decyrpt the
kerberos tickets, which explains the -k failures.
I'm also surprised it helped, as I thought we were overriding it.
That said, this is a very interesting debugging point.
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba