[Samba] Disabled account can still connect to domain

Andrew Bartlett abartlet at samba.org
Sat Oct 29 09:38:13 UTC 2016

On Fri, 2016-10-28 at 15:15 -0400, lingpanda101 via samba wrote:
> Hello,
>      I receive the following warning in my logs
> Account [HP48-PFD$] is disabled
> [2016/10/28 14:40:36.973803, 1, pid=1272, effective(0, 0), real(0,
> 0)] 
> ../source4/rpc_server/netlogon/dcerpc_netlogon.c:382(dcesrv_netr_Serv
> erAuthenticate3)
> It appears user accounts behave differently then computer accounts
> when 
> disabled. If I disable a user account via. ADUC, the user is not 
> permitted to log in. If I do the same for a computer account, any
> user 
> can still login from that workstation. Are there cached credentials
> I'm 
> not taking into account that is permitting this? Thanks.

Yes, user accounts are cached on the workstation. 

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list