[Samba] Private Key Unavailable After Domain Password Change
Andrew Bartlett
abartlet at samba.org
Mon Sep 14 21:00:44 UTC 2020
On Mon, 2020-09-14 at 12:11 -0400, Bill Baird via samba wrote:
> Hi All!
>
> We are currently running one AD DC on 4.11.12 and one on 4.10.17
> (scheduled
> for replacement later this month). Sometimes when a user changes
> their
> domain password, we are seeing an issue where the private key is no
> longer
> available. Users on Windows 10 v1909 or v2004. This does not happen
> to all
> users.
Where do they change their password? If it isn't locally on the system
concerned (where it would re-encrypt the key store), I could see how
the machine would have trouble accessing the keys (via backupkey) until
the VPN was back up, creating a nasty chicken-and-egg situation.
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list