[Samba] Printserver after latest MS updates

Patrick Goetz pgoetz at math.utexas.edu
Tue Oct 19 17:30:12 UTC 2021



On 10/19/21 12:10, Jeremy Allison via samba wrote:
> On Tue, Oct 19, 2021 at 02:37:55PM +0200, cn--- via samba wrote:
>> Hello you all,
>> Microsoft is still trying to fix the PrintNightmare bugs. And after 
>> the latest patch day we see lots of NTLMv2 auths on our printserver. 
>> And _only_ on our printserver and not on any other member servers.
>>
>> It is not that Kerberos does not work. I can ssh into that machine 
>> using Kerberos I can connect with smbclient with kerberos. Also the 
>> logs are really spammed with those messages. And it all started after 
>> we released the last patchday updates from MS.
>> This is on RockyLinux with Samba Version 4.14.8 from Sernet. Also had 
>> the same Problem on 4.14.7. smb.conf is below.
>> Everything seems to work as expected. It just is the number of NTLMv2 
>> auths that made me look at this more closely.
> 
> NTLM auths can happen when a machine isn't using name-based
> lookups (i.e. not using DNS names). Kerberos requires name-based
> lookups in order to get tickets. That's usually the cause of
> NTLM.
> 

That comment confused me.  Are you saying that Windows authentication 
will automatically drop down to NTLMv2 if DNS isn't configured properly?




More information about the samba mailing list