[Samba] Samba 4 AD SmartCard Authentication Problem
Hans Schulze
h.schulze at labor-ostsachsen.de
Thu Jul 20 09:05:40 UTC 2023
Confusing. Github says that is open. Ok. My mistake.
The question remains why the Windows clients allow login for an expired
certificate despite a correctly loaded CRL. What is the purpose of
specifying the CRL in smb.conf?
It seems to me that the smartcard login is not really reliable. Then my
users still have to log in with password. For now, as long as 4.19 is
not yet released.
Hans Schulze
EDV
Tel: +49 3581 66931-41
Fax: +49 3581 66931-281
Mail: h.schulze at labor-ostsachsen.de
Medizinisches Labor Ostsachsen MVZ GbR
Nebenbetriebsstätte Görlitz
Cottbuser Straße 11
D-02826 Görlitz
www.labor-ostsachsen.de <https://www.labor-ostsachsen.de>
Die Hauptbetriebsstätte der Medizinisches Labor Ostsachsen MVZ GbR
befindet sich in der Flinzstraße 1 in 02625 Bautzen. Die Medizinisches
Labor Ostsachsen MVZ GbR wird vertreten durch die Gesellschafter Prof.
Dr. med. habil. Thomas Luther, Dr. med. Niclaas Bliesener, Dr. med.
Claudia Friedrichs, Dr. med. Anja Gruss, Dr. med. Gilda Gudacker, Dr.
med univ. Christine Hofer, Thomas Kirchner und PD Dr. med. habil. Peter
Reichardt.
Sollten Sie nicht der vorgesehene Empfänger sein, würden wir Sie darum
bitten, dies dem Absender zu melden und darauf zu verzichten, Inhalte
der Mail weiter zu veröffentlichen.
Am 20.07.2023 um 10:47 schrieb Rowland Penny via samba:
>
>
> On 20/07/2023 09:37, Hans Schulze via samba wrote:
>> I found an old bugzilla report for this behavior:
>>
>> https://bugzilla.samba.org/show_bug.cgi?id=9612
>>
>> According to the statements in it, there was a patch already in
>> version 4.16 and in heimdal 8 last year? Which option must be in the
>> krb5.conf?
>
> Sorry, but I read it slightly differently, there was a patch
> available, but it wasn't integrated into 4.16, but it has now been
> added to samba master, so it should be in 4.19.0
>
> Rowland
>
More information about the samba
mailing list