[Samba] Problems with Samba AD and recent Windows versions

Johannes Holzhäuer johannes at holzhaeuer.de
Mon Mar 2 13:03:36 MST 2015


I am using samba 4 installed on a rpi with archlinux. It worked quite good
until I tried out Windows 10. I can join the domain, I can log into windows
with my user (member of "Domain Admins"), but some setups give me the error
"The requested operation cannot be completed. The computer must be trusted
for delegation and the current user account must be configured to allow
First I thought some configuration wasn't right, so I created some virtual
machines (both different windows versions and a centos 7 installation with
sernet-samba-4), but my tests didn't really help me. Here are my findings:

Test 1: Fresh install of Windows 10 9926 -> Above described error.
Test 2: Installing Windows 8, updating all the way to Windows 10: No error.
Everything works.
Test 3: Installing Windows 8.1 Update with the most current iso from msdn
(dec 15th 2014) -> Same error as in test 1.

My /etc/samba/smb.conf looks like this (no modification after running
samba-tool provision):
# Global parameters
        workgroup = TEST
        realm = TEST.HOLZHAEUER
        netbios name = SERVER
        server role = active directory domain controller
        dns forwarder =
        idmap_ldb:use rfc2307 = yes

        path = /var/lib/samba/sysvol/test.holzhaeuer/scripts
        read only = No

        path = /var/lib/samba/sysvol
        read only = No

Now my questions are:
Has anyone experienced something similar?
What other things could I do to narrow down the error?


More information about the samba mailing list