[Samba] ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Philippe LeCavalier
support at plecavalier.com
Thu Jul 13 13:42:35 UTC 2023
On Thu, Jul 13, 2023 at 9:05 AM Fabio Muzzi via samba <samba at lists.samba.org>
wrote:
> On 13/07/2023 11.14, Samuel Wolf via samba wrote:
>
> >> I only know about local cache on the clients that allows to logon
> without the domain controller.
> >
> > Yes I guess it's working at the moment because of this cache, maybe
> > I'm totally wrong with my theory.
>
> I'd say that you are wrong, but I'm not sure at all.
>
> If that cache actually is involved, it should work even for non-domain RDP
> clients, because the auth process should happen between the RDP client and
> the RDP server (win10 pc) accessing its local cache.
>
> I have a test scenario that I cannot test now: get the RDP server on a
> network with the RDP client and make it so that the RDP server cannot reach
> the DC (basically you could just use a single cable between the two hosts).
> This way the cache is the only thing that it can use to authenticate. Does
> it work like this?
>
> Fabio
>
I can confirm that does not work.
More information about the samba
mailing list