[Samba] [Solved?] Problem since upgrade to 4.5.1

mathias dufresne infractory at gmail.com
Mon Nov 21 09:36:08 UTC 2016 

RDP is the protocol used by Terminal Server, at least that's how I
understand it.

You had to enable NTLM auth, without NTLM you have only Kerberos and
Kerberos relies on SPN.

I still can be wrong (easily) but it seems to me not a huge work to verify
if you have these SPN on your Windows acting as RDP server.

2016-11-21 1:21 GMT+01:00 John Gardeniers via samba <samba at lists.samba.org>:

> Hi Rowland,
>
> Thanks for the suggestion. So far, since adding 'ntlm auth' to smb.conf on
> the DCs we are no longer having this problem. Only time will tell if it
> stays working but at least I'm no longer getting complaints from the users.
>
> regards,
> John
>
>
>
> On 21/11/16 10:00, Rowland Penny via samba wrote:
>
>> On Mon, 21 Nov 2016 09:31:28 +1100
>> John Gardeniers via samba <samba at lists.samba.org> wrote:
>>
>> Hi Rowland,
>>>
>>> I Upgraded from Samba 4.4.2 and we have tried the FQDN without
>>> success.
>>>
>>> regards,
>>> John
>>>
>>>
>>> On 21/11/16 08:02, Rowland Penny via samba wrote:
>>>
>>>> On Mon, 21 Nov 2016 07:42:30 +1100
>>>> John Gardeniers via samba <samba at lists.samba.org> wrote:
>>>>
>>>> Hi Louis,
>>>>>
>>>>> While it wasn't spelled out, it was firmly implied in my previous
>>>>> message that this problem appeared only after the Samba upgrade.
>>>>> Nothing else has changed that might impact RDP. There has been no
>>>>> change to machine names, IP addresses (we use DHCP reservations) or
>>>>> DNS entries. If a dash in the computer's name or DNS entry is
>>>>> behind this issue then it's clearly a rather serious bug in Samba.
>>>>>
>>>>> regards,
>>>>> John
>>>>>
>>>>>
>>>>> It might help if you told us what version you upgraded from.
>>>>
>>>> I think there have been problems with windows machine now requiring
>>>> the FQDN instead of the short hostname, so this 'may' be your
>>>> problem, note I say 'may'.
>>>>
>>>> Rowland
>>>>
>>>>
>>> About the only change real change was 'ntlm auth', try setting this to
>> 'ntlm auth = yes' in smb.conf. I don't think it should affect your
>> problem, but as I said, it is the only real change.
>>
>> Rowland
>>
>>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list