Displaying 20 results from an estimated 1000 matches similar to: "Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023"
2023 Jul 13
1
Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Hi everyone!
On 7/12/23 15:03, Samuel Wolf via samba wrote:
> Any ideas what we can do/test?
thanks to Stefan Metzmacher we have a working fix, it's available at the
bugreport
https://bugzilla.samba.org/show_bug.cgi?id=15418
We're just about to release updated SAMBA+ packages, hopefully
distributions and other packagers pick up the fix quickly and ship updates.
-slow
--
Ralph
2023 Jul 14
1
Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Where to get the patch?
We are running samba 4.17.4 on debian11 . We compiled from source.
Greetings
Daniel
-----Urspr?ngliche Nachricht-----
Von: Ralph Boehme via samba [mailto:samba at lists.samba.org]
Gesendet: Donnerstag, 13. Juli 2023 18:40
An: samba <samba at lists.samba.org>
Betreff: Re: [Samba] Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Hi
2023 Jul 14
1
Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Hello all,
https://bugzilla.samba.org/show_bug.cgi?id=15418#c20 "This could be a shortterm fix in order to behave like an unpatched windows server"
What is the attack scenario of an unpatched windows server? After all Microsoft likely patched to fix an issue, the short term solution probably restores not only NLA but also the vulnerability..
I am not arguing against the fix, as the
2023 Jul 14
1
Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
On 7/14/23 09:41, Ralph Boehme via samba wrote:
> On 7/14/23 07:42, Daniel M?ller wrote:
>> Where to get the patch?
>> We are running samba 4.17.4 on debian11 . We compiled from source.
>
> it's linked in the bugreport
>
> https://bugzilla.samba.org/show_bug.cgi?id=15418
>
>
2023 Jul 14
1
Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
On 7/14/23 07:42, Daniel M?ller wrote:
> Where to get the patch?
> We are running samba 4.17.4 on debian11 . We compiled from source.
it's linked in the bugreport
https://bugzilla.samba.org/show_bug.cgi?id=15418
<https://cpaste.org/?df0494cac0063e2e#Cx69G684EBPQ71S6sAUVXSYburgV6gPyKHfPSbfmHZPJ>
Hth!
-slow
--
Ralph Boehme, Samba Team https://samba.org/
2023 Jul 13
1
Fwd: ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
The patch on Windows Server 2012 R2 that does the same thing as kb5028166 is KB5028228
> From: "Philippe LeCavalier" <support at plecavalier.com>
> To: "Bo Kersey" <bo at vircio.com>
> Cc: "samba" <samba at lists.samba.org>
> Sent: Thursday, July 13, 2023 10:43:55 AM
> Subject: Re: [Samba] Fwd: ComputerSecureChannel -Verbose False
2023 Jul 15
1
Fwd: ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
On Thu, Jul 13, 2023 at 11:47?AM Bo Kersey <bo at vircio.com> wrote:
> The patch on Windows Server 2012 R2 that does the same thing as kb5028166
> is KB5028228
>
>
> ------------------------------
>
> *From: *"Philippe LeCavalier" <support at plecavalier.com>
> *To: *"Bo Kersey" <bo at vircio.com>
> *Cc: *"samba" <samba
2023 Jul 13
1
ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
13.07.2023 19:17, Adi Kriegisch wrote:
> Hi!
>
>> I was looking at the code this morning trying to figure out how to
>> reject packet with lvl2 properly, - unfortunately I don't know samba
>> well enough to be able to find the place "quickly" and I got distracted
>> by other things. It was my first thought when someone posted the debug
>> info
2023 Jul 13
2
ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Hi all,
just fyi:
https://lists.samba.org/archive/cifs-protocol/2023-July/004004.html
Cheers!
-slow
--
Ralph Boehme, Samba Team https://samba.org/
SerNet Samba Team Lead https://sernet.de/en/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc:
2023 Jul 14
1
ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Mandi! Ralph Boehme via samba
In chel di` si favelave...
> just fyi:
> https://lists.samba.org/archive/cifs-protocol/2023-July/004004.html
I see the reference from a Microsoft man on an internal ticket:
TrackingID#2307130040007086
Can be plausible a client-side solution, via a registry/policy patch?
Someone have some clue?
Thanks.
--
Il backup ? quella cosa che andava fatta
2023 Jul 05
1
Synology shares not accessible...
Yes, in my opinion quite an arrogancy...
This is the translation of what I got from the supporter:
"Our developers have discussed and have concluded that we stand by our
previous statement and define the problem as a problem of Samba AD
Server (4.17.*). Although Synology is an open source product based on
Samba, but we don't always stick to it and adapt our own code in many
2023 Aug 18
1
...or howto change vfs_acl_xattr options inplace without changing access rights
Sebastian Neustein wrote:
> I have to migrate our data from one old samba server to a new one. Due
> to various reasons we had to change some settings. Now I struggle to
> get the acls right.
> ?Previously the acls were stored via posix and extended attributes,
> now they are stored only in extended attributes
With the default settings of vfs_acl_xattr samba takes posix acls
2023 Aug 21
1
Increase data length for SMB2 write and read requests for Windows 10 clients
On Mon, Aug 21, 2023 at 03:19:59PM +0200, Ralph Boehme wrote:
>On 8/21/23 11:53, Jones Syue ??? via samba wrote:
>>>OH - that's *really* interesting ! I wonder how it is
>>>changing the SMB3+ redirector to do this ?
>>
>>It looks like applications could do something and give a hint to SMB3+
>>redirector, so far not quite sure how to make it,
>>per
2023 Aug 21
1
...or howto change vfs_acl_xattr options inplace without changing access rights
Hi Ralph
> On 8/18/23 09:55, Sebastian Neustein via samba wrote:
>> With the default settings of vfs_acl_xattr samba takes posix acls
>> into account when delivering data - how can I activate
>> "acl_xattr:ignore system acls = yes"
>> without loosing the information saved in posix acls? Background: our
>> future file system won't be able to support
2023 Aug 21
2
Increase data length for SMB2 write and read requests for Windows 10 clients
Hello Jeremy,
> OH - that's *really* interesting ! I wonder how it is
> changing the SMB3+ redirector to do this ?
It looks like applications could do something and give a hint to SMB3+
redirector, so far not quite sure how to make it,
per process monitor (procmon) could show that write I/O size seems
could be pass from the application layers,
2024 Nov 11
1
Accessing Samba domain member shares from trusted domain
Is it described anywhere how to setup a domain member to share to a trusted AD domain?
Thanks,
Rob
-----Original Message-----
From: samba <samba-bounces at lists.samba.org> On Behalf Of Ralph Boehme via samba
Sent: Friday, November 8, 2024 4:35 PM
To: samba at lists.samba.org
Subject: Re: [Samba] Accessing Samba domain member shares from trusted domain
On 11/8/24 9:33 PM, Rowland Penny
2023 Jun 30
2
Group memberships on Linux AD Member (syncing randomly)
Hi,
I'm running Samba Active Directory 4.16.9 with packages from Sernet.
Domain members are Linux servers (Ubuntu 20.04, RHEL 8) with Sernet
Samba 4.16.x.
I'm getting crazy with group memberships syncing from AD to Linux
members. It is completely random as when changes in AD group are visible
in Linux OS (or more precise: winbind), it might take minutes, hours or
days as when these
2024 May 28
1
Async Query Directory (for VFS)
Thanks Ralph. Unfortunately that option doesn?t quite solve it.
However even if it did, it?d still be good to add Async support for such queries. If there is WIP then I can look into finishing off the code myself. Can you point me to any branch that has this WIP? Looking through Samba source3 internals, it looks somewhat straightforward to add primitive support along the lines of Async pread,
2023 Nov 15
1
understanding stat cache
Hello Ralph,
Thanks for that hint about case sensitivity's performance penalty.
For clarifaction: The user is doing mainly reads, so does the "create" you mention also cover opening/reading files? If only _creation_ of files is suffering from that we probably have some other/further performance issue.
We have gpfs, which does not offer a case-insensitive mode, neither does the
2024 Nov 22
1
Accessing Samba domain member shares from trusted domain
Hi Ralph
When you said I can't use idmap_ad in my trusting domain because 'we're not allowed to talk to a DC in the trusted domain', does that still apply even if we can provide a read-only DC from the trusted domain inside the trusting domain network?
Thanks,
Rob
-----Original Message-----
From: Ralph Boehme <slow at samba.org>
Sent: Tuesday, November 12, 2024 12:59