[Samba] Join DC has failed with error: NT_STATUS_PASSWORD_RESTRICTION
Rowland penny
rpenny at samba.org
Mon Sep 23 08:52:31 UTC 2019
On 23/09/2019 09:35, tomek82 wrote:
> Domain functional level: Windows Server 2008 R2
> Forest functional level Windows Server 2008 R2
>
> I was able to join to this server without bind support.
> Only when I've set --dns-backend=BIND9_DLZ than the exception is raised.
Samba only supports the schema versions as follows:
Samba <= 4.4.x has full support for schema version 47
From 4.5.0 to 4.10.x there was experimental support for schema 69
From 4.11.0 the schema version 69 is fully supported.
Windows Server 2016 uses schema 87 and this version is not supported yet.
As I said earlier, the code to create the password for the 'dns-*' user
is only run if you join with Bind9.
I would check what password complexity is required on the 2016 domain.
Rowland
More information about the samba
mailing list