[Samba] No Domain Logon Possible after last Windows 11 Insider Update
alt36 at cam.ac.uk
Tue Jan 18 11:10:50 UTC 2022
On 18/01/2022 10:08, Dirk Laurenz via samba wrote:
> Hello everyone,
> i updated my windows 11 Insider to the latest build and afterwards is no
> domain logon is possible.
> I restored to the old state - and logons are possible - updated again - and
> no logon possible
This might be unrelated to your problem, but in case anyone else is
caught out by this ....
We have a custom usermap script in place due to our local setup (not
specifically due to some of the recent CVEs and subsequent fallout). We
do some parsing of the "DOMAIN+username" string passed to the script,
where DOMAIN is the upper-case version of our domain name.
We've had reports of behaviour where the latest Windows 11 build (sorry,
I don't know the build number) seems to forcibly lower-case (part or all
of?) saved credentials and a user then ends up trying to authenticate to
a share as "domain+user" rather than "DOMAIN+user", which we hadn't
properly handled in our usermap script. The user affected by this
reports they were able to successfully make their Win 11 client forget
any saved credentials and then re-save the original "DOMAIN+user"
version, after which they could connect to shares again.
Even if you don't have a usermap script in place, it might be worth
looking to see if you'd be affected by an unexpected/unhandled change in
the case of the domain name anywhere.
More information about the samba