[Samba] NT_STATUS_INVALID_TOKEN after update to 4.13.14
kbass at kenbass.com
Sun Nov 21 16:58:26 UTC 2021
On 11/12/21 12:37 PM, Rowland Penny via samba wrote:
> So when I do it correctly:
> rowland at devstation:~$ smbclient -W SAMDOM -U Administrator
> Enter SAMDOM\Administrator's password:
> session setup failed: NT_STATUS_INVALID_TOKEN
> It still doesn't work, but if I use a normal user:
> rowland at devstation:~$ smbclient -W SAMDOM -U rowland //mintmate/data1
> Enter SAMDOM\rowland's password:
> Try "help" to get a list of possible commands.
> smb: \>
> It works!
> So, I think that the CVE I pointed to, is doing its job, you need to
> stop logging into Samba as Administrator. Not sure where this leaves us
> with '!root = SAMDOM\Administrator' in a usermap, I am going to have to
> do some testing.
So where does that leave us?
I mean, I am simply trying to do commands such as
net rpc rights list privileges SeDiskOperatorPrivilege -U
net rpc rights grant 'SAMDOM\Domain Admins' SeDiskOperatorPrivilege
None of these work anymore
More information about the samba