Confusing. Github says that is open. Ok. My mistake.
The question remains why the Windows clients allow login for an expired
certificate despite a correctly loaded CRL. What is the purpose of
specifying the CRL in smb.conf?
It seems to me that the smartcard login is not really reliable. Then my
users still have to log in with password. For now, as long as 4.19 is
not yet released.
Hans Schulze
EDV
Tel: +49 3581 66931-41
Fax: +49 3581 66931-281
Mail: h.schulze at labor-ostsachsen.de
Medizinisches Labor Ostsachsen MVZ GbR
Nebenbetriebsst?tte G?rlitz
Cottbuser Stra?e 11
D-02826 G?rlitz
www.labor-ostsachsen.de <https://www.labor-ostsachsen.de>
Die Hauptbetriebsst?tte der Medizinisches Labor Ostsachsen MVZ GbR
befindet sich in der Flinzstra?e 1 in 02625 Bautzen. Die Medizinisches
Labor Ostsachsen MVZ GbR wird vertreten durch die Gesellschafter Prof.
Dr. med. habil. Thomas Luther, Dr. med. Niclaas Bliesener, Dr. med.
Claudia Friedrichs, Dr. med. Anja Gruss, Dr. med. Gilda Gudacker, Dr.
med univ. Christine Hofer, Thomas Kirchner und PD Dr. med. habil. Peter
Reichardt.
Sollten Sie nicht der vorgesehene Empf?nger sein, w?rden wir Sie darum
bitten, dies dem Absender zu melden und darauf zu verzichten, Inhalte
der Mail weiter zu ver?ffentlichen.
Am 20.07.2023 um 10:47 schrieb Rowland Penny via samba:>
>
> On 20/07/2023 09:37, Hans Schulze via samba wrote:
>> I found an old bugzilla report for this behavior:
>>
>> https://bugzilla.samba.org/show_bug.cgi?id=9612
>>
>> According to the statements in it, there was a patch already in
>> version 4.16 and in heimdal 8 last year? Which option must be in the
>> krb5.conf?
>
> Sorry, but I read it slightly differently, there was a patch
> available, but it wasn't integrated into 4.16, but it has now been
> added to samba master, so it should be in 4.19.0
>
> Rowland
>