[Samba] Certificates stop working after password change in legacy domain
Roel van Meer
roel at 1afa.com
Mon Mar 16 07:15:47 MDT 2015
Andrew Bartlett writes:
> > we have a problem with users that have personal certificates. When they
> > change their password via the Ctrl-Alt-Del prompt, their personal
> > certificates can no longer be used to authenticate.
>
> I strongly suspect this is because the BackupKey RPC is not implemented
> in the Samba classic DC.
>
> > If so, could
> > someone give me a few pointers on where to start looking for a cause?
>
> Take a test system, and on an isolated network upgrade to a Samba AD DC.
> If you use Samba 4.2.0, this should then allow password changes.
An upgrade to Samba AD DC is scheduled for later this year. I'll postpone
this until then.
Thanks for your answer!
Roel
More information about the samba
mailing list