hi all, my working samba-4.1.7 member of a samba3 domain (samba-3.5.3) failed while updating to samba-4.2.0. Users were no longer able to access shares because the trust account was broken. According to release notes (Winbindd/Netlogon improvements): For the client side we have the following new options: "require strong key" (yes by default), "reject md5 servers" (no by default). E.g. for Samba 3.0.37 you need "require strong key = no" and for NT4 DCs you need "require strong key = no" and "client NTLMv2 auth no", so in samba-4.2.0 member's smb.conf I put: require strong key = no client NTLMv2 auth = no but yet trust account wasn't able to authenticate on domain PDC. Which are the correct switches to allow a samba-4.2.0 member to join a samba3 PDC? thank you, Francesco