[Samba] Is RODC password replication different from the windows version by design or is it a bug?
Adam Minski
aminski316 at gmail.com
Fri Mar 29 09:16:25 UTC 2019
On 03/28/2019 05:32 PM, Rowland Penny via samba wrote:
[...]
>> Should the samba RDOC act like the windows version or is it different
>> by design?
>>
>
> Yes it should and there is a bug report for something similar already,
> see here: https://bugzilla.samba.org/show_bug.cgi?id=13377
>
> I know that is for members of the denied group, but the substance is
> the same, users are not getting authenticated on a RODC from a RWDC.
>
> Can you please add to that bug report ?
>
> Rowland
>
>
Thanks Rowland, that's exactly the topic. Garming Sam has commented it
yesterday, the issue is that kerberos forwarding isn't implemented for
now. That is exactly what wee seeing, authentication works __after__
(from the second attempt on) the initial password sync is done, the
first attempt isn't proxied.
Adam
More information about the samba
mailing list