[Samba] 3-part SPN problem after update 4.13.8 to 4.13.14
Nikita Druba
admin at npo-lencor.ru
Wed Nov 17 15:28:23 UTC 2021
17.11.2021 10:27, Andrew Bartlett via samba пишет:
> On Wed, 2021-11-17 at 08:36 +0100, Nikita Druba via samba wrote:
>> 16.11.2021 18:36, Andrew Bartlett пишет:
>>
>> I checked ldap base and for my DC$ account
>>
>> userAccountControl=69632
> This is your issue. Have you perhaps joined a FreeNAS server to your
> DC at some point? It had a very confusing GUI that encouraged you to
> wipe out the DC account.
>
> This userAccountControl is
> UF_WORKSTATION_TRUST_ACCOUNT|UF_DONT_EXPIRE_PASSWD and is therefore not
> a real Domain Controller.
This domain was started from samba 4.0 and DC several time moved from
one server to other by adding new DC and removing old. May be somewhere
in this migration procedures was some failures. I see at one of my new
domain, that there
userAccountControl=532480
I need just to set this value to userAccountControl? Or this task not so
easy?
I will try to run tests today's night.
More information about the samba
mailing list