[Samba] ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023

Fabio Muzzi liste at kurgan.org
Thu Jul 13 09:08:00 UTC 2023

On 13/07/2023 10.38, Samuel Wolf via samba wrote:

>> For RDP using hostname and specifying the domain still does not
>> work (in my configuration, the RDP client is a non-domain PC with
>> windows 10 or 11 and the RDP server is a windows 10 PC that is in
>> the domain, and the username involved is a domain user, not a local
>> one).
> thats what I see, domain pc's work (because cache?) over RDP but 
> non-domain pc's don't work.
> Example from Debian workstation with freerdp: NTSTATUS:
> I don't want to think about what happens when the cache expires if
> I'm correct with my theory.

Samuel, I get the same error from a xfreerdp (non domain) machine to a win10. The same situation as yours.
Also it does not work from a windows non-domain pc, with more or less the same error.

Have you tried disabling NLA on the windows 10 pc that is the RDP "server"?

I don't know about your theory about caches, I'm not so into MS AD mechanisms, sadly, so I don't know about how caches are used for RDP and if they expire. I only know about local cache on the clients that allows to logon without the domain controller.
Fabio Muzzi Frabetti

More information about the samba mailing list