[Samba] Windows XP SP3 cannot join to the Samba AD domain on Debian 11 4.17.10

Rowland Penny rpenny at samba.org
Wed Sep 13 09:33:39 UTC 2023 

On Wed, 13 Sep 2023 11:24:30 +0200
Kees van Vloten via samba <samba at lists.samba.org> wrote:

> 
> Op 13-09-2023 om 11:11 schreef Rowland Penny via samba:
> > On Wed, 13 Sep 2023 11:45:10 +0300
> > Michael Tokarev via samba <samba at lists.samba.org> wrote:
> >
> >> 12.09.2023 22:36, Andrew Bartlett via samba:
> >>> Thanks.  Can you please write up a wiki page with these details?
> >> Andrew, are you sure we wan this info easily findable on the
> >> wiki? :) I mean, it is terrible, it really is.. I wonder if
> >> Microsoft allows to join WinXP machines to the current AD domain.
> >> The thing is that whole thing should not be used in 2023+,
> >> period.  Yes, I understand there might be various interesting use
> >> cases, but that often can be done on a stand-alone WinXP machine,
> >> not joined to a domain, - so the whole domain isn't crippled.
> > Hello Michael, I feel the same as yourself, I just wish that XP
> > would go away. The problem is that there are very expensive pieces
> > of equipment out there that use an embedded version of XP and these
> > will not go away. There are ways around them, such as 'sandboxing'
> > them.
> >
> > What I think the whole 'embedded' thing has shown, is that you
> > really shouldn't buy any expensive equipment that has a computer
> > that cannot be updated/upgraded easily.
> I don't know anything about this use-case for XP, but I do know that 
> things like ATMs in the past used very old software, some 10 years
> ago, some were still using Windows NT...
> 
> Now if you are into this kind of business, there is probably not much 
> you can choose. There are a few vendors and you have a long term 
> relation with one or two them. Replacing an ATM is not a simple job,
> let alone hundreds of them.

I fully understand this, but whilst companies buy very expensive things
with builtin, non replaceable computers, then this problem will
resurface every few years and to be honest, banks should know better.

Rowland

> >
> > Rowland
> >
> >> It's interesting that Win2003 does not require all the same
> >> low-security settings.
> >>
> >> BTW, Paolo, I'm curious, - which licensing concerns/issues do you
> >> have? Microsoft does not sell these versions of windows anymore.
> >> But granted, I've no idea what actual terms applies to already sold
> >> products now, way past end-of-life.
> >>
> >> Myself, I can't say I'm a "software pirate", but I do use many
> >> versions of windows on my own home machine - to test how windows
> >> behaves in various versions of QEMU and sometimes test them with
> >> samba too, - to ensure we ship good samba or qemu able to run
> >> windows. I don't have licenses for them, and I've no idea if such
> >> usage is legal or not (more likely not)..
> >>
> >>> This does disable all AES use, it is unfortunate that you had to
> >>> set the supported enctypes = 4, there may be a better way to do
> >>> this.
> >> [...]
> >>
> >>
> >
>

More information about the samba mailing list