[Samba] Printserver after latest MS updates

Patrick Goetz pgoetz at math.utexas.edu
Tue Oct 19 17:30:12 UTC 2021

On 10/19/21 12:10, Jeremy Allison via samba wrote:
> On Tue, Oct 19, 2021 at 02:37:55PM +0200, cn--- via samba wrote:
>> Hello you all,
>> Microsoft is still trying to fix the PrintNightmare bugs. And after 
>> the latest patch day we see lots of NTLMv2 auths on our printserver. 
>> And _only_ on our printserver and not on any other member servers.
>> It is not that Kerberos does not work. I can ssh into that machine 
>> using Kerberos I can connect with smbclient with kerberos. Also the 
>> logs are really spammed with those messages. And it all started after 
>> we released the last patchday updates from MS.
>> This is on RockyLinux with Samba Version 4.14.8 from Sernet. Also had 
>> the same Problem on 4.14.7. smb.conf is below.
>> Everything seems to work as expected. It just is the number of NTLMv2 
>> auths that made me look at this more closely.
> NTLM auths can happen when a machine isn't using name-based
> lookups (i.e. not using DNS names). Kerberos requires name-based
> lookups in order to get tickets. That's usually the cause of

That comment confused me.  Are you saying that Windows authentication 
will automatically drop down to NTLMv2 if DNS isn't configured properly?

More information about the samba mailing list