[Samba] Windows 11 24H2, Samba 4.21.3 AD DC and domain users cannot log in

Peter Milesson miles at atmos.eu
Wed Jan 22 14:32:29 UTC 2025




On 22.01.2025 13:00, Virgo Pärna via samba wrote:
>     One more detail... I'm working currently remotely, so I'm 
> accessing that Windows 11 computer over remote desktop. If I actually 
> supply incorrect password, then that error shows up on password promt 
> dialog (The logon attempt failed). If I supply correct password, then 
> connection is establised. I'll get Windows console view with "The 
> username or password is incorrect. Try again." And then I'm seeing 
> Windows login screen inside remote desktop window, where even shutdown 
> is available. So I'm successfully authenticated parially and connected 
> to console...
>
>     Strange thing is, that in that screen it shows on username in 
> "samba_realm\username" format (realm in uppercase), not 
> "samba_WORKGROUP\username" format, that I actually supplied (realm is, 
> how it is called in smb.conf - ad.company_name.blaah while workgoup is 
> COMPANY_NAME).
>
>
>
Hi Virgo,

I assume you use freerdp ver. 3 for connecting to the Windows 11 24H2 
desktop remotely. It is very particular about how you enter domain and 
user name. There seems to be only two accepted ways

Either /d:<domain.name.net> /u:<user name>

or /u:'<NETBIOS DOMAIN NAME>\<user name>'

You also need the switch /sec:nla

freerdp3 pretends to use kerberos, but that's not the case, unfortunately.

All other login variations are bound to fail.

Best regards,

Peter





More information about the samba mailing list