[Samba] RODC User's password replication, not implemented ?

Gaetan SLONGO gslongo at it-optics.com
Mon Aug 28 09:31:22 UTC 2017


I'm trying to add a Samba RODC in our environment (Samba 4.6.7) 

RODC is in the domain and viewable in the MMC, but all users are in " denied rodc password replication group". However these users are not in that group, and also not in a group member of that group (it seems) 

root at dc ~]# wbinfo -g test|grep -i denied 
DOMAIN\denied rodc password replication group 

I assume this is why I cannot make LDAP bind to my RODC 
However, kinit seem to work 

Thank you in advance 

More information about the samba mailing list