I am running samba client on arch linux and I run a hardening script on my domain controller that generated new gpos. Now I unable to mount windows server on linux clients. 1473.134869] CIFS: VFS: \\192.168.50.4 Send error in SessSetup = -5 [ 1473.134886] CIFS: VFS: cifs_mount failed w/return code = -5 [ 2725.958482] CIFS: Attempting to mount //192.168.50.4/radio [ 2725.965412] CIFS: Status code returned 0xc000018d STATUS_TRUSTED_RELATIONSHIP_FAILURE [ 2725.965428] CIFS: VFS: \\192.168.50.4 Send error in SessSetup = -5 [ 2725.965450] CIFS: VFS: cifs_mount failed w/return code = -5 wbinfo -u works fine ldb_wrap open of secrets.ldb [2023/09/13 04:26:24.445968, 1] ../../source3/rpc_client/cli_pipe.c:550(cli_pipe_validate_current_pdu) ../../source3/rpc_client/cli_pipe.c:550: RPC fault code DCERPC_FAULT_ACCESS_DENIED received from host den-dc01.HEBE.US! [2023/09/13 04:26:24.446950, 3] ../../lib/ldb-samba/ldb_wrap.c:332(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2023/09/13 04:26:24.450943, 1] ../../source3/rpc_client/cli_pipe.c:550(cli_pipe_validate_current_pdu) ../../source3/rpc_client/cli_pipe.c:550: RPC fault code DCERPC_FAULT_ACCESS_DENIED received from host den-dc01.HEBE.US! [2023/09/13 04:26:24.451308, 1] ../../source3/winbindd/winbindd_cm.c:2688(cm_connect_sam) Unwilling to make SAMR connection to domain HEBE without connection level security, must set 'winbind sealed pipes:HEBE = false' and 'require strong key:H> [2023/09/13 04:26:24.452234, 3] ../../source3/winbindd/winbindd_msrpc.c:820(msrpc_lockout_policy) msrpc_lockout_policy: fetch lockout policy for HEBE [2023/09/13 04:26:24.452263, 3] ../../source3/winbindd/winbindd_cm.c:1918(connection_ok) connection_ok: Connection to den-dc01.HEBE.US for domain HEBE is not connected [2023/09/13 04:26:24.452318, 3] ../../source3/libsmb/namequery.c:2387(resolve_hosts) resolve_hosts: Attempting host lookup for name den-dc01.HEBE.US<0x20> [2023/09/13 04:26:24.453729, 3] ../../source3/libads/ldap.c:916(ads_connect) Successfully contacted LDAP server 192.168.1.8 Is the way to fix it on linux side or I need to disable something in gpo ?