[Samba] Samba 4.17.8+dfsg-2 (Debian 12) | Test-ComputerSecureChannel False | no RDP access after july update
Samuel Wolf
samuelwolf85 at googlemail.com
Wed Jul 12 10:30:17 UTC 2023
Hi,
does anyone know if this is a windows or samba 4.17.8+dfsg-2 (Debian
12) problem?
Windows 10 and 11 with patch level june/2023 show:
Test-ComputerSecureChannel -Verbose
True
As soon I install the july/2023 patch windows show:
Test-ComputerSecureChannel -Verbose
False
Moved the machine to local workgroup, delete machine account on the ad
controller and rejoin it (which works),
but Test-ComputerSecureChannel -Verbose show again False.
Any idea?
Thanks.
Samuel
Am Di., 11. Juli 2023 um 23:18 Uhr schrieb Samuel Wolf
<samuelwolf85 at googlemail.com>:
>
> Hi,
>
> since the windows updates today we can not longer connect over RDP
> (freerdp) to any of our windows machines
> with a domain user:
> failed with NTSTATUS: STATUS_TRUSTED_RELATIONSHIP_FAILURE
>
> Local windows user works as expected and also RDP from one windows
> machine to another windows machine with a domain user works.
> I see Test-ComputerSecureChannel show False on windows 10/11, so I
> tried Test-ComputerSecureChannel -Repair and again result False.
>
> Samba log show:
> [...]
> [2023/07/11 23:02:11.348659, 3]
> ../../libcli/auth/schannel_state_tdb.c:129(schannel_store_session_key_tdb)
> schannel_store_session_key_tdb: stored schannel info with key
> SECRETS/SCHANNEL/CADMACHINE
> [2023/07/11 23:02:11.348684, 1] ../../librpc/ndr/ndr.c:668(_ndr_push_error)
> ndr_push_netr_Capabilities: ndr_push_error(Bad Switch): Bad switch
> value 2 at librpc/gen_ndr/ndr_netlogon.c:7652
> [...]
>
> Not sure this is also the root cause of the RDP problem.
>
> Any idea whats wrong here?
>
> Thank you.
>
> Samuel
More information about the samba
mailing list