[Samba] What are the potential side effects of Multi Versions of Samba AD in the same domain.

Marco Gaiarin gaio at lilliput.linux.it
Tue Sep 12 10:19:39 UTC 2023

Mandi! Andrew Bartlett via samba
  In chel di` si favelave...

> Additionally, your Samba 4.7.6 server, unless it has been getting
> security patches, will not interoperate with the 4.15.13 server for
> some specific Kerberos tasks around S4U2Proxy (constrained
> delegation).  MS did a massive 6-month or more period of allowing a new
> PAC buffer to be missing, we simply called a flag day (due to
> resources).  
> Finally, modern Windows 10/11, that is getting security patches, will
> fail to operate against the 4.7.6 DC (NETLOGON will fail), and even the
> 4.15.13 DC.  

You are speaking of:


so i need to update Samba (on DC, i suppose) to at least 4.18 before october
10, or netlogon will fail? Really?!

  Donna ti voglio cantare, donna sei luce, donna sei cenere
  donnai sei ansia, donnai sei danza
  e a volte nuvola sei...				(A. Branduardi)

More information about the samba mailing list